RIAA Site Under Attack--Again

For one reason or another, your business or organization has raised the ire of some very tech-savvy individuals, and you can't seem to keep your Web site up and running. What do you do?

That may just be what the Recording Industry Association of America is asking itself, given that its site RIAA.org came under attack yet again on Friday, knocking it offline.

The recent downing is just the latest in a string of assaults on the music industry group's site, apparently stemming from the RIAA's crackdown on illegal peer-to-peer file swapping.

Peer-to-Peer Problems

The popularity of P-to-P sites--beginning with the advent of Napster, which was pushed out of business by an RIAA lawsuit, and continuing with players such as Kazaa and Morpheus--has been considered a serious threat to record labels' business. The RIAA has expressed growing concern as more and more Net users opt to trade music for free rather than buy CDs. Hence, the group's problems.

The RIAA, which represents the Big Five record labels, has had its site felled repeatedly, and for longer periods of time, over the last several months. Hackers have even gone as far as modifying the RIAA site by adding links to illegal music downloads. Until Friday, the latest attack was last month, and IDG News Service staffers noted that they were not able to access the site for at least three days.

At that time, the RIAA announced that the U.S. Federal Bureau of Investigation and the Secret Service were investigating.

But because the RIAA has been reticent in commenting on the subject--it issued a standard statement Friday that it is "investigating the latest attack"--it is unclear why the deep-pocketed group has not been able to more adequately defend its site.

Making Changes

Records posted on the Netcraft's Web site, which offers reports on networks connected to the Internet, show that the RIAA has switched hosting providers twice in the last two months, moving from UUNET Technologies to Digex in December and then from Digex to Tomorrow's Solutions Today (TST) on January 29.

TST, a small company operating out of Rockville, Maryland, owns a block of IP addresses hosted by Savvis Communications. Alif Terranson, lead operations security network engineer at Savvis, confirmed that his company replaced Digex as the trade group's hosting provider. He also added that the RIAA had been bombarded by hackers and "script-kiddies" for some time now.

"It's part of the problem of attracting so much attention," Terranson said. "These kids have so much time to spare."

The RIAA's move to Savvis would seem to be a logical choice, given that the hosting company is offering a high-technology criminal investigation program to federal, state, and local law enforcement agencies, according to a press release posted on the company's Web site earlier this week. (The release was pulled from Savvis' site shortly after posting, however, because the program was not supposed to be officially launched until next week.)

But the downing of the RIAA site once again on Friday raises the question of why a hosting provider that is planning to train law enforcement officials and the FBI and Secret Service cannot keep the site up.

"The federal government is going out to see if they can get private industry to help for areas where they are lacking expertise," Terranson said, discussing efforts to collaborate on Internet security. "They don't have the background or expertise necessary to track attacks on a moment-to-moment basis."

He added that traditional law enforcement training does not always prepare investigators to conduct efficient investigations of security-related crime.

For the RIAA, and other Web site owners who have become the target of hackers, that fact may be cold comfort.