Someone Will Bring the Internet Down

This blog entry elaborates on the sixth of my ten predictions regarding events and trends that will transpire in 2008. This prediction is:

6. An attacker or group of attackers will for the first time succeed in an attempt to bring the entire Internet down for a period of several hours or possibly even longer.

Denial of service attacks occur frequently—much more often than people realize. The consequences of these attacks vary from minor ones such as temporary unavailability of networking and system freezes to major ones such as the kind of complete network failure that occurs in distributed denial of service attacks. The motivation for launching such attacks also varies greatly. Some attackers are “joy riders” who receive satisfaction by causing disruption in systems and networks; others appear to be “electronic vandals” who are in many ways analogous to people who shatter windows in buildings. Still others are motivated by the desire for financial profit, often by attempting to extort organizations into paying them for leaving their public Web sites undisturbed.

How vulnerable is the Internet to a denial of service attack that brings it down? Debate concerning this issue has gone on for many years and is likely to continue once the Internet is actually brought down. Two well-known attempts to bring the Internet down in the early 2000s nearly succeeded. In both instances someone (or, more likely, a group of individuals) took down a substantial proportion of the Internet’s root domain servers for a number of hours. The result in both cases was a slowdown but not a failure in Internet performance. Experts speculated that if the perpetrator or perpetrators had been able to bring down one or two more root domain servers, the Internet would indeed have gone down.

ICANN, the Internet’s governing body, made several significant changes after the second nearly successful attempt to bring the Internet down occurred. One of the most important of these changes was distributing the administration of root domain servers more widely, so that attacks against any single entity would be much less likely to result in a massive outage. Despite these changes, the Internet still remains more vulnerable to a massive outage resulting from denial of service attacks than many people imagine. When push comes to shove, denial of service attacks are fundamentally one of the hardest if not the hardest types of attacks to counter because Internet mechanisms are built to allow, not deny; the Internet backbone is in essence designed to pass a high volume of traffic between one point and another. In contrast, preventing denial of service attacks requires the ability not only to filter out undesirable types of traffic, but also to monitor and limit the amount of traffic. Additionally, the protocols on which the Internet relies are by no means deficient, yet from a security standpoint some of their properties are potentially extremely useful to perpetrators of extensive denial of service attacks. Consider, for example, the IP protocol; IP packet fragmentation can readily cause denial of service. And services such as the domain name service (DNS) on which Internet functionality depends were not by any means originally created with security in mind. Some degree of security has been retrofitted into these services, but retrofitted security is never as good as security that has been built in.

The “bottom line” is that it is just a matter of time, probably sooner rather than later, before the entire Internet is brought down. The amount of disruption and loss will be huge because of the great dependence that businesses have on Internet transactions. The good news is that the outage is not likely to last for more than a few hours. The combination of the built-in resilience of Internet functionality and mechanisms and dedicated, concerted efforts by organizations will in all likelihood lead to rapid diagnosis and remediation of the cause of the outage.

