• United States



Has the Internet really gone to war?

Dec 15, 20102 mins
Data and Information Security

With all the attention these WikiLeaks-inspired DDoS attacks are getting, one might start to think we’re finally seeing that cyberwar we’ve been warned about.

The truth is much more complicated than that, of course. That’s why it was good to see the research Arbor Networks put together in a blog post called “The Internet Goes To War.”

The piece was written by Craig Labovitz with an assist from Joe Eggleston, Jose Nazario, Jeff Edwards, Roland Dobbins and Mike Hollyman.

Blog excerpt:

So are we now in a permanent state of cyber-war? As the San Francisco Chronicle asks, do sixteen year old hackers now control the fate of humanity from their laptops?

Well, this blog uses detailed statistics on the last year of DDoS attacks across the Internet to provide some perspective. I’ll compare the Wikileaks and retaliatory DDoS attacks to historical baselines of attack activity and discuss broader DDoS trends.

In general, getting accurate data about Internet attacks can be a challenge. Namely, a) companies avoid publicly discussing most attacks and b) the attacks can be difficult to measure or at least consistently compare. For example, engineering mailing list discussion of ISP security and DDoS attack trends generate a bewildering variety of responses. In one instance, two engineers at the same ISP debated the largest observed botnet attacking their company — one estimated the size at a few thousand hosts while the other at millions. Later when pressed on the source of their data, both of these engineers readily admitted they were really just guessing (they did not have any infrastructure / tools to actually measure the number of attacking botnet hosts).

I think they do a pretty good job trying to break it all down.

We can argue until we’re blue in the face about whether it’s appropriate to call this a war. But it’s pretty clear we’ve seen something unprecedented.

To me, the sobering thing is how easy it’s becoming for novices to launch these attacks. George Hulme wrote about this earlier in an article we posted about the open source network stress testing tool known as LOIC (the Low Orbit Ion Cannon).

Please check that out along with the Arbor post. You will be enlightened.

–Bill Brenner