SoylentNews is people

posted by takyon on Thursday September 15 2016, @07:07PM
from the points-of-failure dept.

https://www.lawfareblog.com/someone-learning-how-take-down-internet

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state. China and Russia would be my first guesses.

Sounds like as good a reason as any to develop a more distributed internet. Fight fire with fire - When the attacks are distributed denial of service on centralized systems, the solution is decentralization and distributed delivery of service (P2P).


  • (Score: 4, Insightful) by bob_super on Thursday September 15 2016, @07:34PM

    by bob_super (1357) on Thursday September 15 2016, @07:34PM (#402426)

    > don't know who is doing this, but it feels like a large nation state. China and Russia would be my first guesses

    Let's not mention why it couldn't be the US, shall we?

    Considering the recent past, and the admissions of offensive uses of the web, the list of people and countries with the incentive to do this is pretty long.
    But I wouldn't put China and Russia on that list, because I expect that they already know what to do to. Also, considering the terrible state of security of US installations, I don't believe that shutting down the web would be productive, when using the web against the US would be devastating. Compare "I can't access the latest trending side-boob pic" to "I can't get money, the power plant is on fire, and I'm really glad some old geezer designed a manual override on the dam's gates".

  • (Score: 2) by Phoenix666 on Thursday September 15 2016, @08:20PM

    by Phoenix666 (552) on Thursday September 15 2016, @08:20PM (#402448) Journal

    "I can't get money"

    Who needs money when you have guns?

    --
    Washington DC delenda est.
    • (Score: 0) by Anonymous Coward on Thursday September 15 2016, @09:00PM

      by Anonymous Coward on Thursday September 15 2016, @09:00PM (#402473)

      When the Chinese and Russian guns are better than yours, you're better off at least pretending your money is worth something.

      • (Score: 1) by AssCork on Friday September 16 2016, @02:23PM

        by AssCork (6255) on Friday September 16 2016, @02:23PM (#402795) Journal

        > When the Chinese and Russian guns are better than yours...

        The Russian ones, IMHO, far outweigh the Chinese ones. Which would explain why Our Fearless Leader banned the import of all-things-Russian [nraila.org]. Probably to keep this lil gem [wikipedia.org] outta everyone's hands (at least the Chinese have a knock-off).
        Just mouthing the words "12-Gauge Shotgun AK" will make you grow (more) hair on your chest.

        --
        Just popped-out of a tight spot. Came out mostly clean, too.
    • (Score: 2) by Justin Case on Friday September 16 2016, @01:18AM

      by Justin Case (4239) on Friday September 16 2016, @01:18AM (#402574) Journal

      You might need to buy some bullets for those guns.

      After that, though, you're golden!

      • (Score: 2) by Phoenix666 on Friday September 16 2016, @01:35AM

        by Phoenix666 (552) on Friday September 16 2016, @01:35AM (#402581) Journal

        I have the junk rounds [wikia.com] perk. As long as I can find tin cans and scrap metal, I'll be fine.

        --
        Washington DC delenda est.
  • (Score: 2, Interesting) by Phoenix666 on Thursday September 15 2016, @08:33PM

    by Phoenix666 (552) on Thursday September 15 2016, @08:33PM (#402457) Journal

    Incidentally, this has been part of Chinese strategy for years--cyberwarfare as part of a full-spread attack on the United States. Also included in that arsenal are financial warfare (China dumping US debt, etc), antisatellite weapons to blind the Pentagon, space-based weapons, economic espionage & securing important resources (SEE: Chinese investment in Africa), key strategic sabotage at places like the Panama Canal (controlled by Hutchison Whampoa Ltd.), and of course all the standard bombs, planes, etc. Their defense posture has been focused around retaking Taiwan by force, but they have made great strides in the last couple of decades toward better force projection.

    At the moment the US could bring an emphatic end to Chinese civilization in 15 minutes, thanks to its fleet of nuclear subs, but that edge won't last forever.

    (Sorry I don't have the right links to give you at the moment, but keywords "China" "Defense" "Congressional Whitepaper" should see you on your way to the right sources.)

    --
    Washington DC delenda est.
    • (Score: 0) by Anonymous Coward on Friday September 16 2016, @04:40AM

      by Anonymous Coward on Friday September 16 2016, @04:40AM (#402620)

      More likely to be groups of criminal hackers looking to see what price category on their price list each target belongs to. "So you want to take down Qualcomm globally and for how many hours? That's a category A target, you're going to have to pay a lot", "You want to take down this highschool? That's a category F target, oh we're running a weekend special for that category at the moment".

      I don't think the Chinese Gov would bother trying to DDoS just a few corporations. The cost-benefit for them isn't there. It would be "nuke" the whole thing or not at all and if anyone is trying to DDoS much of the USA, figuring out all that "precision" is a waste due to the pipes leading to the targets and other confounding factors. It's like trying to figure out how many cars to send to clog up the streets near an organization, when you are doing one target you might know a fairly precise figure, but when you have 10000 targets you might find the highways get clogged too ;). Why would the Chinese Government be interested in exactly how much "explosive" is required to destroy a particular corporation? All they need is a rough figure based on the known bandwidth of their pipes (which they might be able to find out in some cases if they ask Huawei ;) ). A state actor can buy that bandwidth beforehand from AWS, CDNs etc.

      > Also included in that arsenal are financial warfare (China dumping US debt, etc),

      You might think dumping US debt is a good idea too when the USA was creating trillions of US dollars. That's like you owing the Bank two trillion "Phoenix666 dollars" and then one day you publicly create hundreds of billions of "Phoenix666 dollars" via Quantitative Easing. The Bank may try to sell off or convert the debt ASAP.

      > antisatellite weapons to blind the Pentagon, space-based weapons, economic espionage

      All par for the course of being a responsible nation state protecting itself from the USA and nothing to be bogeyman scared about.

      > & securing important resources (SEE: Chinese investment in Africa)

      What? Worried that China might actually improve Africa instead of messing it up like the USA? And somehow that threatens the world? ;)

      • (Score: 0) by Anonymous Coward on Friday September 16 2016, @09:39AM

        by Anonymous Coward on Friday September 16 2016, @09:39AM (#402693)

        > I don't think the Chinese Gov would bother trying to DDoS just a few corporations.

        You apparently didn't RTFA. Those are not "just a few corporations". They are the corporations on whose services a large part of the Internet relies to work properly. Even completely taking down Google would be a minor incident compared to taking down those companies.

        • (Score: 0) by Anonymous Coward on Friday September 16 2016, @04:02PM

          by Anonymous Coward on Friday September 16 2016, @04:02PM (#402847)

          Well the article is full of shit:

          > Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains.

          If Verisign goes down there are other root servers: https://en.wikipedia.org/wiki/Root_name_server#Root_server_addresses [wikipedia.org]

          And if somehow all the registrars go down it doesn't affect the root server stuff. They are not the same thing.

          > One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.
          >
          > Who would do this? It doesn't seem like something an activist, criminal, or researcher would do.

          That's more bullshit. Why wouldn't blackhats do something like this? There's money in it.

          Lastly, if you can somehow trick Verisign into making a mistake or having a crack in their defences (e.g. maybe a failover site/server is not as well secured) and get one of their signing keys that would be like stealing their crown jewels. You could sign malware and forge websites and have them trusted by millions of devices and people. China doesn't necessarily need this as much since they have control over CAs whose certs are trusted by millions of devices.

  • (Score: 0) by Anonymous Coward on Thursday September 15 2016, @09:28PM

    by Anonymous Coward on Thursday September 15 2016, @09:28PM (#402483)

    > I wouldn't put China and Russia on that list, because I expect that they already know what to do to.

    Lolwut?

    The US is suspect but China and Russia aren't because "they already know" how much firepower it will take to overwhelm the servers of a bunch of US corporations?

    LOGIC!!!!

    • (Score: 2) by bob_super on Thursday September 15 2016, @09:41PM

      by bob_super (1357) on Thursday September 15 2016, @09:41PM (#402489)

      I didn't say that the US is suspect. The US is known to be able to turn off all the root servers and most of the international traffic within minutes. No need to probe the windows discreetly when everyone knows you have the door keys.

      I expect that both Russia and China have already figured out how to take the whole thing down quickly, and wouldn't need to bother probing in a significant way. Maybe at a lower level, to affect sites carrying specific damaging news, but not in a warfare context.

      • (Score: 0) by Anonymous Coward on Thursday September 15 2016, @10:39PM

        by Anonymous Coward on Thursday September 15 2016, @10:39PM (#402510)

        > I expect that both Russia and China have already figured out how to take the whole thing down quickly,

        That's what this is about figuring out.
        You've got some magic way of taking it down?

        • (Score: 4, Informative) by NotSanguine on Friday September 16 2016, @12:53AM

          by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday September 16 2016, @12:53AM (#402558) Homepage Journal

          > I expect that both Russia and China have already figured out how to take the whole thing down quickly,

          > That's what this is about figuring out.
          > You've got some magic way of taking it down?

          No magic necessary.
          Large enough sustained DNS Amplification [us-cert.gov], UDP Flood [wikipedia.org] (and potentially, DNS hijacking [wikipedia.org]) attacks could wreak havoc for Internet users in the region(s) affected.

          That, combined with sustained DOS attacks [wikipedia.org] against other critical infrastructure (such as military/government networks, banks and other financial institutions, Tier I and II network providers, etc., etc., etc.) targets could negatively impact public and private entities for extended periods.

          In order to do something like that, you'd need a lot of resources (like a state actor might have). Even without such resources, a non-state actor could cause significant impact on a smaller subset of infrastructure resources too.

          So. No magic required. Just resources and the (fairly minimal) knowledge to obtain and use tools that already exist.

          --
          No, no, you're not thinking; you're just being logical. --Niels Bohr
          • (Score: 0) by Anonymous Coward on Friday September 16 2016, @08:40AM

            by Anonymous Coward on Friday September 16 2016, @08:40AM (#402679)

            > In order to do something like that, you'd need a lot of resources

            Are you serious?
            You just described the attacks Schneier is talking about.
            So again I ask. How do Russia and China magically know how much resources it will take without actually measuring?

            Your mod points are unearned.

            • (Score: 2) by NotSanguine on Friday September 16 2016, @09:10AM

              by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday September 16 2016, @09:10AM (#402683) Homepage Journal

              You asked:

              And I responded.

              I stand by what I wrote. If you don't like my answer, post your own. Or don't. Either way, it's no skin off my nose.

              I'll give you the tl;dr version, just for giggles: There's no magic. There isn't even anything very original or difficult. It's a matter of scale rather than artistry or know-how.

              As for the mod points, I have no control over what other people do, and I can't mod my own posts. If you feel strongly enough about it, you could always log in and mod me down if you like. Again, it's no skin off my nose.

              If you'd like to join the discussion, you're welcome to do so. Or you can continue to make snarky comments on a topic with which you appear to be not very familiar. And that's cool too.

              Whatever blows your skirt up, honey.

              --
              No, no, you're not thinking; you're just being logical. --Niels Bohr
            • (Score: 2) by NotSanguine on Friday September 16 2016, @09:28AM

              by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday September 16 2016, @09:28AM (#402690) Homepage Journal

              > So again I ask. How do Russia and China magically know how much resources it will take without actually measuring?

              Oops. I see what's got your knickers in a twist now. I made no claims about what China or Russia knows/has or doesn't know/doesn't have. That was another poster. I'm not the AC [soylentnews.org] or Bob_Super [soylentnews.org]. Those are the guys who made that claim.

              As such, I didn't try to support their claims, I answered a specific question you asked. Oh, and you're welcome.

              I will say that given the resources (in money, infrastructure and people) that Russia and China have available to them, it would be unsurprising if they did, in fact, have a pretty good idea what it would take to effect significant and devastating attacks against large swathes of the Internet.

              That said, I have no specific knowledge (I'm not an intelligence analyst focused on China and Russia, nor have I put much effort into investigating their capabilities) about what Russia's and China's capabilities may be. Which is why I didn't address that.

              However, I do know networks and network security. The tools to effect such attacks exist and are relatively easy to use and manage, even with a large-scale attack.

              I repeat my invitation to engage with the rest of us in productive discussion.

              You might also want to thumb through this [yourcoach.be]. You might find it useful in the future.

              --
              No, no, you're not thinking; you're just being logical. --Niels Bohr
  • (Score: 1) by an Anonymous Coward on Friday September 16 2016, @12:27PM

    by an Anonymous Coward (2620) on Friday September 16 2016, @12:27PM (#402731)

    Let's also not forget the EU, which acts more and more like a sovereign nation every day.