SCO Looks for Linux Community Link in DoS Attack

SCO Group Tuesday confirmed that it was the victim of a denial of service (DoS) attack Friday, and said it is investigating the possibility of a link between the attack and its lawsuit against IBM for alleged intellectual property violations.

“SCO is vigorously investigating the source of the attack and the identity of the perpetrators,” said company spokesman Blake Stowell. “This attack came within 48 hours of IBM’s response to SCO’s lawsuit against IBM alleging intellectual property infringement. Given this close proximity in time, we are carefully examining whether a link exists between SCO’s legal action and some of the Linux community who are hostile toward SCO for asserting its legal rights.”

Lindon, Utah-based SCO has raised hackles in the Linux community after it sued IBM for allegedly misusing trade secrets after IBM walked away from a joint project with SCO which sought to create an Intel Itanium version of SCO’s UnixWare. IBM scrapped the effort, dubbed Project Monterey, when it decided to focus its attention on Linux rather than Unix. But SCO maintained that IBM’s rapid strides with Linux were built on trade secrets it garnered from Project Monterey — especially the integration of Unix System V libraries with Linux, which allows the Linux platform to run many Unix applications. SCO is suing IBM for $1 billion.

SCO said the DoS attack occurred at about 10 a.m. Mountain Time, and that it gobbled up about 90 percent of the available bandwidth of its service provider for the entire Lindon, Utah backbone. The company said it contacted a special agent for Intrusion Detection at the FBI Cyber Crimes Division in Salt Lake City, and the special agent is now analyzing information on the attacks. The U.S. Attorney’s office is also investigating the attack.

SCO said its ISP has identified 138 different machines that were an intermediate source of the bot or worm which triggered the attack, but has not yet been able to confirm the identity of the original source.

“A denial of service attack is a serious criminal violation,” Stowell said. “Cyber terrorism hurts a business as much as any other crime involving the destruction of property. Unfortunately, some programmers who disagree with SCO’s corporate policies have ignored the seriousness of cyber terrorism. This was a mistake on the part of the people involved, because we will prosecute them to the fullest extent of the law and will do everything possible to assure that justice is done for the commission of this crime.”