BEIJING, March. 29 (Xinhuanet) -- A group of 18 network providers and ISPs on Monday have banded together to confront large-scale hacker attacks, struggling to cope with a dramatic rise in malicious hacker intrusions.

    The organizations, which include BT Group PLC (BT), Deutsche Telekom AG (DT), MCI Inc. (MCIP), NTT Communications Corp., Cisco Systems Inc. (CSCO) and EarthLink Inc. (ELNK), have agreed to share information about network-based attacks while they are under way through the Fingerprint Sharing Alliance, to be unveiled Monday. Participants will share data using technology from Arbor Networks Inc., a closely held Lexington, Mass., security company that sells technology for detecting and fending off network-based attacks to about 70% of the world's tier one Internet-backbone providers.

    Farnam Jahanian, Arbor Network's founder and chief scientist, said in an interview with eWEEK.com that the Fingerprint Alliance effectively replaces a "laborious and tedious process" that involved the manual use of phone calls and e-mails to share information on cyber-threats.

    "This is the first time network and service providers can share attack profiles and fingerprints automatically, without giving up any competitive information," Jahanian said.

    A typical fingerprint includes data on the scope and severity of a hacker attack. It also can be used to distribute information on the threat's impact on devices, services and customers.

    "This can be used for a broad range of zero-day cyber-threats," Jahanian said. "It can flag a denial-of-service attack, flood-based attacks or scanning attacks. It can also be used to share information on the fast-propagating worms and viruses we're seeing every day."

    Until recently, denial-of-service attacks were usually weapons used by novice attackers in vendettas against enemies. But like other types of malicious activity on the Internet, attackers increasingly appear to be members of criminal enterprises with financial motives.

    The alliance members hope that a centralized, automated system for sharing information about attacks with other operators will help them contain them more quickly and trace them to their sources more effectively. Members will also be able to take steps to dismantle botnets and perhaps ultimately begin to reverse the attack's alarming growth trend. Operators now have a cumbersome, informal information-sharing system using e-mail and phone conversations and based on personal relationships, that isn't always speedy or effective.

    "The landscape has certainly changed over the last year and a half" said Rob Rigby, director of managed security services at MCI. "Now the malicious intent is extortion or something more egregious than it was before. This is starting to become a moneymaking operation."

    (Agencies)