The last two days have seen one of the most interesting and disturbing examples of the ongoing problems with Internet security, and of the prospect of contending with anonymous groups and aggressive governments who use the Internet for hostile purposes. We have just experienced the largest Internet cyber attack in history. The New York Times, The Guardian and a host of other global media and technology news sources and blogs have seized on this story. Internet experts are pessimistic that anything can be done to defend against this situation, or any other similar attack, other than to find and prosecute the perpetrators. Some experts have speculated that another attack on this scale could have grave consequences for the global banking and investment trading systems.
The attack was restricted to simply slowing the Internet to a crawl in some places around the world. But it has already been seen that such attacks can target the electrical grid, water systems, natural gas distribution: any essential infrastructure system attached to the Internet, even with state-of-the-art firewalls and other security measures. This feels like the Cold War spy world of John le Carré's George Smiley, and the current film Tinker, Tailor, Soldier, Spy, only fast-forwarded to the cyber world of 2013. It is a game of leapfrog with no end in sight.
If any of my UBC Management students noticed a distinct slowing of their Internet traffic over the last two days, they were not imagining it. This has been a dramatic foreshadowing of the George Orwell Brave New World we are entering: a dispute between two virtually unknown Internet companies and a group of hackers in Eastern Europe has led to the largest global Internet cyber attack in history. The attack continues tonight, though it is apparently diminishing. Internet security experts who have been monitoring global Internet traffic for the last two days estimate that the attack is at least three times larger than any previous “distributed denial of service” attack observed.
A distributed denial of service, or DDOS, attack occurs when a person or group creates small Internet “bots” (robot code) that are unleashed across the global Internet. The bots enter our computers, unknown to us, and sit in our Internet devices until they are ordered by their master to simply “ping” or go to one specific Internet address. This essentially overloads the Internet backbone and the destination website, making it unreachable by anyone. The only solution is to take the website completely offline and to wait for the storm of “bots” to diminish. This kind of thing has been around for years, but it continues to be very difficult to defend against. Until a source is identified, all users must be denied access to the website. Hence the name, “denial of service.” This time, DDOS has risen to a new level.
The two companies involved in the original dispute were Spamhaus and a Dutch website known as Cyber Bunker. Anyone ever heard of either of them? Spamhaus works to identify and block spam. When Spamhaus decided to include Cyber Bunker in its list of offending spammers, it appears that Cyber Bunker retaliated and recruited a group of criminal hackers in Eastern Europe to help them stage the largest DDOS attack in history. Some have described it as a “nuclear bomb dropped on the Internet.”
We only have more of this to look forward to, as Internet infrastructure experts do not have any silver bullet to offer us.