Someone -- possibly the government of China -- has launched a series of probing attacks on the internet's most critical infrastructure, using carefully titrated doses of denial-of-service to precisely calibrate a tool for shutting down the whole net.
Security expert Bruce Schneier, who consults for many of these infrastructure firms, describes in general terms the confidential information he's been privy to, describing these systematic, iterative probing attacks and speculating on the kind of end-game they'll result in. Though Schneier doesn't know who's behind these attacks, he says the data "suggests China, an assessment shared by the people I spoke with" -- but he adds it could also be another country trying to pin the blame on China.
I am unable to give details, because these companies spoke with me under condition of anonymity. But this all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex."
There's more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.
Someone Is Learning How to Take Down the Internet
(Image: Castle Romeo, United States Department of Energy, PD)
(via Dan Hon)
Donalddaters.com is an app for people who want to have sex with white supremacists; it launched today and promptly leaked all 1600 of its users' data: "users' names, profile pictures, device type, their private messages — and access tokens, which can be used to take over accounts."
The Wannacry ransomware epidemic was especially virulent, thanks to its core: a weaponized vulnerability in Windows that the NSA had discovered and deliberately kept a secret so that they could use it to attack their adversaries.
A leaked police-training presentation from digital forensics company Elcomsoft (a company that made history due to its early run-in with the DMCA) advises officers not to look at Iphones seized from suspects in order to avoid tripping the phones' facial recognition systems -- if Iphones sense too many unlock attempts with faces other than those […]
Speed reading isn’t just an innate skill possessed by a lucky few. Anyone can learn to speed read, and the benefits are endless. The brain can process more information than most people have time to soak up, but you can make that time now with the 2018 Award-Winning Speed Reading Bundle. The first half of […]
Sure, you could use the same old PowerPoint templates for your next business presentation. It’s not like you have bosses or investors to impress. Oh wait, you do? Time to augment that slideshow with Slideshop – the presentation tool that can individualize your pitch while saving you time. Compatible with PowerPoint, Keynote and Google Slides, […]
Multinational companies have used the no-nonsense methodologies of Six Sigma and Lean Six Sigma to oil a smooth-running operation for years. What is it? Six Sigma (and its offshoot, Lean Six Sigma) apply the principles of science to business, teaching managers to methodically target waste, maximize output and streamline the flow from producer to consumer. […]