The internet isn’t just a fun and endless encyclopedia of knowledge and entertainment. It’s not just a means to communicate with friends, nor a conglomerate of every last bit of news. It’s the glue keeping the world together. It’s how you’re even reading this right now. It’s where everything about you is stored, from hospital records, to what you owe on your house or student loan.
Yet it’s not really making the news that Bruce Schneier, an internationally renowned security technologist, is trying to warn us that someone has been testing the defenses of the companies who maintain the integrity of the internet. And they’ve been at it for a year or two.
“Someone has been probing the defenses of the companies that run critical pieces of the Internet,” Schneier said. “These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down.”
Apparently we don’t know who is doing this, but Schneier feels like it has to be a “large nation state.” China and Russia are his “first two guesses,” and he’s assuming it’s a nation state because of the size, scale, and persistence of the probes, and because their methods are common practice in espionage and intelligence gathering.
He says the easiest way to take a network off the internet is to use a “DDoS attack,” which essentially prevents people from getting onto a website by blasting it with so much data that it’s overwhelmed. Hackers have pulled DDoS attacks in the past, but only at the level of a specific website, to extort money from folks or simply to spite a site they don’t like.
It’s led to what Schneier calls an arsenal of technologies devoted to DDoS defense. “But largely it’s a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.”
Schneier’s concern is that the major companies that provide the basic infrastructure that makes the internet as we know it work are the ones seeing an increase in DDoS attacks against them. And these attacks are “significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing.
“One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue … as if the attacker were looking for the exact point of failure.
“This means that the companies have to use everything they’ve got to defend themselves. They can’t hold anything back. They’re forced to demonstrate their defense capabilities for the attacker. It reminds me of the U.S.’s Cold War program, of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.”
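The week-over-week pattern in that quote (ramp up, stop, resume at the previous stopping point) can be checked for in attack telemetry. The sketch below is an added example, not code from Schneier or the companies involved; the sample volumes, thresholds and function names are assumptions.

```python
from typing import List, Tuple

# Constructed sample data: attack volume in Gbps sampled during each weekly
# episode. Weeks 1-3 follow the staircase pattern; weeks 0 and 4 do not.
EPISODES = [
    [40, 38, 41, 39],      # flat flood, no ramp
    [10, 14, 19, 25, 30],  # ramps 10 -> 30, then stops
    [29, 35, 42, 50],      # resumes near 30, ramps to 50
    [51, 60, 72, 85],      # resumes near 50, ramps to 85
    [20, 22, 21, 20],      # unrelated, flat
]

def is_ramp(samples: List[float], min_gain: float = 0.25) -> bool:
    """True if volume never steps down and grows by at least min_gain overall.
    Strict monotonicity is an assumption; noisy data needs smoothing first."""
    if len(samples) < 3 or samples[0] <= 0:
        return False
    rising = all(b >= a for a, b in zip(samples, samples[1:]))
    return rising and (samples[-1] - samples[0]) / samples[0] >= min_gain

def resumes_at_peak(prev: List[float], cur: List[float], tol: float = 0.15) -> bool:
    """True if cur starts within tol of the level at which prev stopped."""
    return abs(cur[0] - prev[-1]) <= tol * prev[-1]

def find_probe_chains(episodes: List[List[float]], min_len: int = 3) -> List[Tuple[int, int]]:
    """Return (first, last) indices of runs of >= min_len consecutive episodes
    that each ramp up and each resume where the previous one stopped."""
    chains, start = [], None
    for i, ep in enumerate(episodes):
        if is_ramp(ep) and start is not None and resumes_at_peak(episodes[i - 1], ep):
            continue  # staircase continues
        if start is not None and i - start >= min_len:
            chains.append((start, i - 1))
        start = i if is_ramp(ep) else None  # a ramp may begin a new chain
    if start is not None and len(episodes) - start >= min_len:
        chains.append((start, len(episodes) - 1))
    return chains

if __name__ == "__main__":
    for first, last in find_probe_chains(EPISODES):
        print(f"possible calibrated probing: episodes {first}-{last}")
```

A chain of three or more episodes is worth escalating because, as the quote notes, each defended step tells the sender more about where the defender's capacity ends.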
Verisign is the registrar for all the main domains we know, like .com and .net. “If it goes down, there’s a global blackout of all websites and e-mail addresses in the most common top-level domains.”
Schneier also says this entity is “testing the ability to manipulate Internet addresses and routes.”