Slashdot Mirror

← Back to Stories (view on slashdot.org)

BlueSecurity Fall-Out Reveals Larger Problem

Posted by ryuzaki0 on from the continuing-sagas dept.

mdrebelx writes "For anyone following the BlueSecurity story, sadly the anti-spam crusader has raised the white flag. Brian Krebs with the Washington Post is reporting that after BlueSecurity's announcement, Prolexic and UltraDNS, which were both linked with BlueSecurity through business relations came under a DNS amplification attack that brought down thousands of sites. While much of the focus about the BlueSecurity story has been centered on the question of what can be done about spam, I think a bigger question has been raised - is the Internet really that fragile? What has been going on is essentially cyber-terrorism and from what has been reported so far the terrorist clearly have the upper hand."

12 of 366 comments (clear)

  1. interesting question about fragile by yagu · · Score: 5, Insightful

    There have been other outages, major, which have had significant impact. It's a good question: is the internet that fragile?

    In many ways it probably is. At the same time, the infrastructure seems resilient enough. The world so far hasn't laced up life-and-death critical systems to the internet such that a failure could cause loss of life. Well, that is, if you don't include:

    Oh, wait, I guess people have started doing that.

    What mechanisms exist for more than resiliency, i.e., instant self-healing? Could terrorists with a little knowledge and a few well-placed EMP generators disable major segments of the internet?

    Unlike phones and the phone networks which were built with lots of oversight and regulation (Universal Service was a big driver for this (aside: now that everything is profit driven, don't expect phone service at that farm house at the end of that long country road anymore... noone HAS to provide it)), I'm not aware of what safeguards back up the internet. In my entire lifetime, I've not one time experienced a phone outage, not once! Power outages, etc., the phone companies have backups to backups to ensure service (though there is the occasional and hard to manage for ditch digging incident).

    While large pieces of the internet are built upon the phone companies' infrastructure, other pieces aren't, and there are significant additional layers of complexity not in the phone companies' purview (switches, routers, coax cable from cable companies).

    That question, "is the internet that fragile?", is probably the biggest reason I've never opted to switch my phone service to VOIP yet. I'd hate to be the one (tiny chance, I know) who needs to make that one 911 call and not be able to do so because the internet is unavailable (which happens occasionally here, which is also too often).

    1. Re:interesting question about fragile by 0xC2 · · Score: 5, Interesting

      "Terrorists are interested in killing people to get their message across, not inconveniencing them." Totally wrong. Why do you think the most secure facilities in the world are the oil refineries? Terrorists absolutely love to take out pipelines, interrupt utilities, railroads, etc.. Look at the attacks on the Christian stores in Bagdad selling liquor. The affected people are also much more likely to blame the government for failing to protect services taken out by these attacks. For the money we have spent so far fighting "terrorists" we could have saved tens of thousands of lives, just by building safer, more expensive cars. from http://www.scienceservingsociety.com/p/141.htm : More than a million people are killed on the world's roads each year, the victims overwhelmingly young. In the United States more people die in a typical month in traffic crashes than died in the September 11 terrorist attacks. And for every fatality in a traffic crash, about 40 injuries occur, many of them severe. These traffic deaths and injuries include those among pedestrians and cyclists, as long as a motorized vehicle was involved. The number of traffic deaths worldwide continues to increase as more nations motorize. In the United States the number of traffic deaths has remained relatively constant at about 41,000 per year for the last decade. The economic impact of terrorism is much larger than its mortal impact.

      --
      Be heard || Be herd
  2. Re:Yes, the internet is that fragile by __aaclcg7560 · · Score: 5, Funny

    Like everything else in the computer world, you have to wait for the next great upgrade of the Internet called Web 2.0! Of course, I'm going to wait for SP1 to come out before jumping on the bandwagon.

  3. weakest link by brenddie · · Score: 5, Insightful

    well the internet is as strong as the weakest link, and guess what OS that link is..
    None of those attacks (DOS) could have been done without the use of thousands of zombie machines.
    I guess the only way of stoping the attakers is by taking their weapons (zombies) from them and thats left as an excersise for the survivors.

    --
    The best test environment is production. - Me
    chrome://browser/content/browser.xul
  4. Maybe they pay more for a tiered solution.... by colinbg · · Score: 5, Funny

    Seems to me maybe the solution is a tiered internet where spammers pay more to use the bandwidth... oh wait, sorry wrong discussion.

    --
    Clever or not, I got nothing...
  5. Re:Terrorism too strong a word by Joe+U · · Score: 5, Insightful

    It's a little strong, but it does fall into the definition.

    The use of force (taking down servers) by a group (spammers) against people/property (blue & others) with the intention of intimidating socieities (blues users) for ideological (financial too) reasons.

  6. Not fragile, just vulnerable by Todd+Knarr · · Score: 5, Insightful

    No, the Internet isn't that fragile. It's suprisingly robust, in fact. About the only thing that can really do any significant damage is sheer volume, enough traffic from enough distinct sources to overwhelm the target server or swamp it's network connections. No matter what, anything is always going to be vulnerable to that. You can only have finite bandwidth and server horsepower, and if an opponent's willing and able to throw enough resources at you he can simply overwhelm you. It's often referred to as "the Slashdot effect".

    The only thing that's happened is that, because of the inherent insecurity of Windows machines and the increasing number of them with broadband connections, the bad guys now have access to orders of magnitude more bandwidth and horsepower than any single server can have. In military terms it's like facing an enemy who outnumbers you by ten thousand to one. Distributing your DNS won't help, redundant pipes won't help, distributing your servers won't help, if you can deal with 99% of his assault he's still got a hundred times what you can absorb left.

    The only thing that can help is cutting off the supply of ownable machines the bad guys can take over and use in their attacks. If they're limited to their own machines they can't do much harm.

  7. Re:Fragile Internet? No... by AnotherBlackHat · · Score: 5, Interesting
    ... the tens of thousands of pwn3d Windows PC's ...


    More like "hundreds of thousands".

    My spam traps have been hit by over 1.5 million unique IPs this year alone,
    with an additional 30,000 never before seen IPs every day.
    I estimate there are currently 3-4 million compromised machines world wide.

    -- Should you believe authority without question?
  8. Re:motivation by vertinox · · Score: 5, Funny

    As much as we hate the NSA and other invasive orginizations they impose structure and laws. Chaos is the alternative.

    Emperor Palpatine, is that you?

    --
    "I am the king of the Romans, and am superior to rules of grammar!"
    -Sigismund, Holy Roman Emperor (1368-1437)
  9. DON'T WORRY GUYS! by Anonymous Coward · · Score: 5, Funny

    I backup the internet every night at 10 pm (PST).

  10. Just to give you an idea... by sorphin · · Score: 5, Informative

    I work for an unnamed backbone provider, and have currently been involved in blocking said DNS Amplification attack.. to give you a general idea of the size of the attack and the number of zombies involved.. When I left work... The attack was 14,768% of 9.8MBps... or.. over 13GBit/sec... Our infrastructure is holding up just fine, however.. Personally, I'd like to find the 'owner' of these zombies, and castrate him. I guess the guy doesn't have anything better to do with his life than trash the net...

  11. warning: botnet operators 0wn the interweb! by mpcooke3 · · Score: 5, Informative

    Sadly the internet is already compromised since the bot networks are already too large for most organisations to take on.

    I hope someone does something to deal with the botnet threats. Being able to suck multiple gigabits of bandwidth means 'they' can kill any small to medium sized internet operation if they want to via a range of attacks from the simple to the rather sophisticated.

    Tier1 ISPs usually don't care other than possibly to try and filter all your traffic to prevent their other customers from suffering.

    Some medium/larger sized companies use services like Akamai siteshield that are capable of sustaining a reasonable DDOS-ing but the botnet operators will eventually realise that the attacks are not just about knocking a site offline. Akamai will charge you for that traffic which will send the companies bankrupt anyway (and possibly quicker than going offline). In fact i was wondering how on earth bluesecurity were going to pay their bandwidth bill.

    The defences we have against such attacks are pathetic. I was amused in an episode of 24 when they came under an online attack from terrorists and their new "CISCO FIREWALL" protects them, i mean seriously the firewalls are the least of your problems these days. If you come under attack from one of these serious russian dudes - you'd be looking at trying to filter the traffic well before it reaches the firewalls since your line and network would be saturated.