UNDER ATTACK

Denial of Service

You think you have Internet problems? An unprecedented “denial of service” attack recently hit a large Asian company, whose name is being withheld right now. Prolexic, an Internet security firm called in to block it, predicts that a similar attack will hit another company within the next six months.

“Denial of Service” (DoS) takes place when so many attempts to connect to another computer arrive so quickly that they overwhelm the ability of the Internet Service Provider (ISP) to complete the link. In that situation, almost no one can connect. How many attempts have to be made in how short a time before the system can no longer handle the load? Lots.

Recently, the as yet unnamed Asian company was bombarded with 25 million packets per second. A “packet” in this case refers to a small unit of data requesting a link to another computer. It’s normal; it happens all the time. But not this big! This is some kind of record and obviously the attacker wanted no one to be able to log onto the victim’s site. Large ISPs might be able to handle 70,000 login attempts in one second, but not millions.

The attack was made using 176,000 remotely controlled personal computers, which had been hijacked, as they say, to be used as the attacker’s robot network. The more computers you have, the more packets you can send. Until this recent attack a significant threat would have involved about 7,000 remotely controlled computers. Overwhelmed by the deluge of Internet traffic, carriers try to cope by passing around the excess traffic like a hot potato. Ultimately, the carriers have to generate what they call a “black hole” for that Internet address and that shuts out all traffic.

You don’t have to worry about these kinds of attacks if you’re a small business or a consumer; it’s not worth the effort. The victims are typically banks, credit card gateways and companies in the gaming and gambling industries, and, sometimes, countries. Among the better known victims have been Visa and MasterCard, Facebook, Google, WikiLeaks and the governments of Iran, Ireland and Georgia, formerly Soviet Georgia.

Who would do such a thing? Well, unhappy customers who have programming skills, rival companies and, of course, governments. WikiLeaks has been releasing classified U.S. government documents. It doesn’t take any hard thinking to figure out who would be upset about that. Georgia has been at war with Russia; not hard to think of a probable attack source.

Most “denial of service” attacks have come from countries in the former Soviet Union. Nearly all of them have sophisticated programmers. The larger danger lies ahead, and it is very large indeed. As more and more commerce is conducted on the web, the whole financial system becomes vulnerable. Banks, brokers and investment companies conduct nearly all their business through the Internet. What if someone shuts down the stock exchanges, or major banks and clearing houses with a DoS? What if you can’t access your accounts? What if no one can?
