IT Security Blog

Your source for information security news and views.

What's the worst that could happen?

Posted by Patrick Snyder
Patrick Snyder
Patrick Snyder has not set their biography yet
User is currently offline
on Thursday, 29 March 2012 in Uncategorized

By now most of the security industry has heard the rumors and threats that Anonymous intends to flood the 13 DNS servers throughout the world in a attempt to blackout the internet for a unknown period of time. This attack is the result of politically fueled opinions of some of today's most influential hacktivists. According to a post on pastebin.com the attack will essentially involve the use of a Reflective Amplification or 'ramp' toolkit to DDoS the root DNS servers which will stop them from responding to DNS resolution requests and thus stop users from accessing websites via DNS names i.e. 'www.google.com', 'www.facebook.com', etc.

This attack is under great scrutiny by professionals and hackers across the web. Some say it may be possible other say at best it will be very limited and do minimal damage while the rest say that Anonymous has its information all wrong. Does this threat have any substance or is it only another empty threat? Only time will tell as the attack date of March 31, 2012 grows nearer. 

Historically, years before this attack and hacking group even rose to popularity, in a post on the ICANN Blog, Kim Davies attempts to dispel any and all rumors that there are even 13 lone DNS servers around the world. In a more recent blog post by Errata Security, blogger Robert Graham presents even more reasons why the attack will not be possible. One blogger even goes as far as calling Anonymous' actions some kind of April fools joke.

Among the non-believers lies a handful of fearful individuals that see this brazen threat as an indicator of worse things to come. Boy Genius Report recently published a story outlining the underlying fears of U.S. officials in lieu of Anonymous' growth and increased threat potential to U.S. national security. It is no mystery that the U.S.'s cyber infrastructure is much weaker than most people think it is. We lack a structured cyber army and choose to hinder those with the potential to protect us in the event of a cyber war. I agree with Misha Glenny's ideas in his TED talk last year where he discussed an alternative to punishing hackers and instead setting up reform programs to bring these individuals back from the criminal world and get them on the good guys team again.

The bottom line is that progress remains slow when dealing with cyber attacks. The governments approach of allowing less and less freedom and availability to these cyber miscreants only seems to frustrate them further. Top agents in charge of cyber security are beginning to get beaten down by the constant threats and attacks in addition to the constant failures of consideration for better funding by higher ups in government. The only hope in the fight against cyber crime and an impending cyber war will be not only an increase in IT security budgets but also a change in the mindset that all hackers are our enemies. These rouge hackers possess important skills and knowledge that the government cannot afford to lose to the dark side.

Those interested in a first hand look into the health status of DNS servers during this weekends 'attack' can check it out on Team CYMRUs website dedicated to tracking the health of DNS servers around the world.

Tags: Untagged
Patrick Snyder has not set their biography yet

Comments

Please login first in order for you to submit comments