As we continue to slide down the ramp of the strangest American presidential election of all time, it’s becoming harder to have the bandwidth to be aware of any other current events going on. But if there’s one story from the last few weeks that should worm its way into your purview, it’s this one, just in time for the Halloween season: Someone is trying to murder the entire Internet!
The scenario peaked earlier today, when massive numbers of websites (including Twitter, Spotify, Netflix, and scores of others) were taken down for an extended period of time after a cyber attack on the Domain Name System provider Dyn. Worse than the attack itself is the fact that really, this is just the beginning.
In a post written last month, Internet security expert Bruce Schneier discusses what sources have been telling him off the record:
[S]ome of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in [Distributed Denial of Service attacks] against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated.
A Distributed Denial of Service attack (DDoS) is the most basic and effective way to shut down someone’s website. It’s essentially flooding a site with so much traffic that the server can’t handle normal operations. “If someone has a bigger pipe than you, they flood you with traffic until you fall over,” Schneier says. “Or, they’ve ordered so many pizzas delivered to your house that you can’t get home because your street is all parked up. You flood the site with so much fake traffic, real traffic can’t get through. That’s a DDoS.”
It’s the same method of attack that hit security author Brian Krebs’ website last month with approximately 665 Gigabits of traffic per second, forcing him to take his site down for a period of time. (For comparison, Netflix recommends a connection of 25 Megabits per second to stream their Ultra HD quality video.) But what was most surprising about the attack on Krebs’ site was the method that was employed.
It’s like using a powerful microphone to amplify a person’s voice, versus someone actually having to shout.
Rather than hacking their way into unused servers that amplify the traffic being sent so it feels like an overwhelming amount—the most obvious means of unleashing these massive attacks—this one against Krebs used a method where the actual traffic being sent was huge.
“That suggests the attackers behind this record assault launched it from quite a large collection of hacked systems — possibly hundreds of thousands of systems,” Krebs writes in his explanation. It’s like using a powerful microphone to amplify a person’s voice, versus someone actually having to shout. (It was later determined that 1.5 million connected cameras, linked through the Internet of Things, was used in the attack.)
This method of attack is important because it’s similar to how someone’s trying to shut down the entire Internet, Schneier says. And, potentially, it could have been the method used in today’s attacks.
While Schneier hasn’t been able to name sources of the companies he has been speaking to about the attacks, the heightened frequency jives with information released by Verisign, an Internet company that offers network security services. Every quarter, it releases a report on the types and frequency of attacks it’s seeing. The latest report shows an increase of 75 percent in DDoS attacks. As the company’s public relations representative told me, it “points to the fact that DDoS attacks show no signs of slowing down, and this type of attack continues to be frequent, persistent and complex.”