A powerful attacker is systematically calibrating an internet-killing tool

Someone -- possibly the government of China -- has launched a series of probing attacks on the internet's most critical infrastructure, using carefully titrated doses of denial-of-service to precisely calibrate a tool for shutting down the whole net.

Security expert Bruce Schneier, who consults for many of these infrastructure firms, describes in general terms the confidential information he's been privy to: systematic, iterative probing attacks. He also speculates on the kind of end-game they'll result in. Though Schneier doesn't know who's behind these attacks, he says the data "suggests China, an assessment shared by the people I spoke with" -- but he adds it could also be another country trying to pin the blame on China.

I am unable to give details, because these companies spoke with me under condition of anonymity. But this all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex."

There's more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.

Someone Is Learning How to Take Down the Internet [Bruce Schneier/Lawfare]

(Image: Castle Romeo, United States Department of Energy, PD)

(via Dan Hon)

Notable Replies

  1. renke says:

    The article without all the ads can be found on Bruce Schneier's blog. I generally prefer reading his essays on schneier.com, mostly because of the (normally) high-quality comments and discussions.

  2. So, do you think there's a spare internet in the closet when this happens? Are we pre-internet people going to have to show everyone how to churn butter?

  3. I've got a two year supply of freeze dried internet in plastic buckets with foil liners that's rated for a 25 year shelf life.

  4. Part of the problem is that the Internet isn't a network in any meaningful sense of the word. The whole point of the original ARPAnet was a fault-tolerant system with multiple routes from each node to all the others. Although that alone would not solve the problem, it would help, but of course it isn't just the 'Chinese' who are making the net more fragile; those who regulate it do so as well. We really need a proper peer-to-peer communication system that does not rely on a central authority like DNS.
