The recent Spamhaus distributed denial of service (DDoS) attack highlights the fragility of the Internet and many of the core services that the World Wide Web is built on. The Internet has become a core enabler of technology in today's modern world. Without it, we would not have so many things today that we take for granted, and this has all happened in under 20 years. While the Internet has enriched our lives, created entirely new industries, enabled greater learning and education, and entertains billions daily, it is inherently susceptible to hacks, threats and attacks and suffers from performance issues.
While threats to network and information security have existed since the dawn of the information age, the complexity and scale of attacks have exploded in recent years, presenting enterprises with daunting challenges as they struggle to defend an increasingly vulnerable perimeter. With cyber crime now more lucrative, and far less risky than the illegal drug trafficking trade, it is hardly surprising that the level of criminal talent devoted to the Internet has risen tremendously.
Consequently, threat levels and attack impact have skyrocketed. For example, in just a few years, DDoS attacks have jumped in size from dozens to hundreds of gigabits per second - a result of increasingly sophisticated malware and growing zombie armies. The DDoS attack on Spamhaus clocked in at 300 billion bits per second and is the largest publicly announced DDoS attack in the history of the Internet.
The Internet is an inter-network of separately managed networks that are connected together through a series of hierarchal relationships between network providers. Those who attacked Spamhaus were smart in understanding these relationships and, after initial efforts to disrupt the availability of the Spamhaus Web site failed, targeted the upstream network providers instead. These attacks were designed to 'suffocate' where many of the networks meet at what is known as Internet Exchanges.
By targeting these Internet Exchanges, the Spamhaus attackers were able to create a significant amount of congestion at key points of the Internet. This resulted in major portions, and users of the Internet experiencing performance issues. While the Internet Exchanges were able to reroute around these congestion points, the attack further highlighted additional vulnerabilities in design and implementations of networks on the Internet.
Actions of a few can affect many
The Spamhaus DDoS attack has highlighted that the actions of a few can affect so many. Though the Internet will live on, and it is certainly an exaggeration to say that it was shaken at its core, it is a sign of things to come - the Weaponisation of DDoS as a cyber offensive tool.
In the case of the Spamhaus DDoS attack, general Internet users were collateral damage. No one has any vested interest in taking down the Internet or causing prolonged disruption of service in its entirety. Localised and targeted attacks even from foreign states are typically the objective of DDoS. For example, a well-targeted attack against core national telecommunication carriers in Hong Kong, Singapore and Australia could render the Internet almost inaccessible for most.
Sign up for MIS Asia eNewsletters.