ThePythonicCow
14th September 2016, 21:16
Bruce Schneier, an internationally renowned security technologist (one I have long respected) says some nation-state is probing the Internet, for a potential attack.
Bruce has close contacts in computer, web and Internet security, at the highest levels, and is one of the best in the business.
He's saying that someone, a nation-state or other well funded entity, is launching carefully calibrated Distributed Denial of Service (DDOS) attacks against the major players running critical parts of the Internet. Such could be useful to learn the weak spots of critical Internet servers, as perhaps a prelude to a major attack on them.
Here's the first part of this article, posted on hacked.com at Someone is Probing to Take Down the Internet, Warns Cryptographer (https://hacked.com/someone-probing-take-internet-warns-cryptographer/):
======================
The pillars that provide the basic infrastructure of the internet are being probed by an unknown entity, probing for that point where the foundation cracks and the internet breaks.
The internet’s critical and underlying basic infrastructure is being probed by an unknown attacker who is – patiently – looking for vulnerabilities, revealed cybersecurity expert and cryptographer Bruce Schneier.
A board member at the Electronic Frontier Foundation (EFF) and the Tor project, Schneier is also the chief technology officer at Resilient, a cybersecurity firm recently acquired by IBM.
In a blog post (https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html), Schneier states that some of the companies that run “critical pieces of the internet” are being probed by an unknown quantity, with “precisely calibrated attacks.”
Much like raptors did fences (Youtube) (https://youtu.be/DwAOHVBKTwg?t=2m) on Isla Nublar, these attacks are systematic and well-planned, seeking to understand the defenses employed by these vitally important companies.
“These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down,” Schneier wrote.
DDoS Disruptions
While Schneier did not disclose the companies – whom he spoke to on condition of anonymity – he did reveal the attacks occurred in the way of distributed denial-of-service or DDoS attacks. While this form of attack isn’t anything new, Schneier revealed that the companies are seeing changes in the way these DDoS attacks are being carried out. Not only are these attacks larger in bandwidth, they are also longer. They’re sophisticated and more notably, they’re probing.
======================
The rest of the article is at Someone is Probing to Take Down the Internet, Warns Cryptographer (https://hacked.com/someone-probing-take-internet-warns-cryptographer/). The blog post of Bruce Schneier that this article was based on is at schneier.com/blog (https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html).
Though I doubt that ProjectAvalon.net is one of the critical servers that Bruce is talking about, I have been seeing such calibrated (faster, slower, repeated, methodical) DDOS attacks against Avalon, more so in the last month or two. So far these attacks have had little impact on our uptime, thanks in part to some custom mitigation software I've developed over the years for Avalon.
Of course, if anyone hit Avalon with the sort of high volume DDOS attacks that Verisign reports in their latest quarterly Verisign Distributed Denial of Service Trends Report (pdf) (https://www.verisign.com/assets/report-ddos-trends-Q22016.pdf), then Avalon would be like a bug while a main battle tank was rolling over it.
The attacks on Verisign's servers seem to be one to ten million times bigger than the typical DDOS attacks on Avalon. Fortunately Avalon doesn't run any of the typical UDP services, such as DNS (domain name server) or NTP (network time protocol) that Verisign needs to run, which helps Avalon, as UDP attacks have become the most common. People wouldn't notice if some NTP servers went offline for a little while, but if the main DNS servers went down, most people would be unable to use the Web at all, almost immediately.