The Internet: a vast, planet-spanning network of fiber optic cable and computer servers, connecting untold billions of computer systems across the globe. One important aspect of the ‘Net that tends to remain unseen for the majority of us is that the backbone of this massive network is handled by only a handful of multinational corporations, facilitating upper-tier net access for major providers around the world. If the network of any one of these companies were to fail, it would be disastrous for global communications, blocking access to millions of netizens and businesses. If more than one were to be disrupted at once, for instance in a coordinated cyberattack, the consequences would be catastrophic — and it appears that someone is learning how to do just that.
Addressing this in a tech blog on Lawfare, cybersecurity expert Bruce Schneier says that over the past few years, there appears to have been a systemic, coordinated effort to probe the defenses of tech companies that operate critical portions of the Internet. These companies are reporting an increase in distributed denial-of-service attacks against their networks, both in their frequency and duration.
DDoS attacks are a fairly simple concept: the attacker floods the intended target’s incoming connections with massive amounts of data, typically using what is called a botnet, a network of "zombie" computers infected with a virus that causes each of them to send a small torrent of data at the target when instructed to do so. If the incoming data is more than what the target’s bandwidth can handle, then the attack will have successfully denied service to that network.
The current attacks also appear to have a pattern that is testing the target companies’ defenses, with the attackers using multiple sources to launch their attacks: when multiple vectors are used against the target at one time, the target is forced to use a wider variety of defenses, and in the process they’re forced to expose what type of defenses they have to the attacker.
On top of this, whomever is coordinating these attacks is also probing other aspects of the internet, such as testing the ability to manipulate internet addresses and routes, and testing response times from defenders. While Schneier says that no-one knows who is behind the attacks, he suspects that a major world power is backing this initiative, such as China or Russia. He sums up his impression of the pattern of the attacks using a parallel historical context:
"It reminds me of the U.S.’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities."
Subscribers, to watch the subscriber version of the video, first log in then click on Dreamland Subscriber-Only Video Podcast link.