Nike is gradually regaining control of its nike.com Web site after malicious hackers on Wednesday seized the sneaker company's domain name and rerouted users to an Australian site with anti-Nike messages.
But an undetermined number of users still can't get through to nike.com, more than 30 hours after the problem was discovered. That's because some Internet service providers, which Nike declined to identify, haven't cleaned up their cached -- that is, old -- versions of Nike's Web pages.
To speed up user access, ISPs often rely on cached versions of popular Web pages that they store on their on local servers. But in this case, that could mean their customers are still being served up the hijacked version of Nike's Web site.
"We don't know how many ISPs are doing this," said Vada Manager, a spokesman for Nike in Beaverton, Ore. "But we're working feverishly to get that resolved."
On Wednesday, a group calling itself S-11 rerouted Web users from nike.com to another Web site decrying the World Economic Forum, of which Nike is a member. A group of business and political leaders, the forum is known for supporting the spread of capitalism worldwide.
FBI agents visited Nike headquarters soon after the company discovered the cyberjacking at 7 a.m. Pacific time on Wednesday. The incident came just two days after US Attorney General Janet Reno pleaded with companies to report such attacks attacks to law enforcement agencies as part of an effort to work more closely on technology security issues.
Manager said the FBI continues to work on the case remotely, along with Nike's internal information technology department and technical staff from outsourcing provider Lockheed Martin Corp. Nike outsourced several IT functions, including its help desk and some systems infrastructure, to Lockheed Martin last year.
Nike has been the target of several raucous protests -- both online and on land -- that criticised the labor and environmental policies at its factories. But this was the first time its Web site had been seized, Manager said. He added, though, that Nike's systems weren't invaded or compromised. The hijacking "happened externally," he said.
S-11 is suspected of sending false records on Tuesday to Network Solutions, which is the registrar for nike.com, in which the group posed as Nike and asked that traffic be rerouted. Indeed, a search this afternoon of Network Solutions' online database still shows the incorrect administrative information for the nike.com domain, listing S-11 and several nonsense words.
Network Solutions didn't return calls seeking comment on the matter by publication time.