As users of Twitter and many other services probably know, large parts of the Internet weren’t working Friday, thanks to a hacking attack on the Internet’s infrastructure. NBC reported that a senior intelligence official told the network that the hack “does not appear at this point to be any kind of state-sponsored or directed attack.” It may be that new evidence emerges that leads the U.S. intelligence community to change its opinion and identify a major state as a responsible party. The scarier possibility is that it wasn’t a state that did it.
The attack targeted the domain name system.
The Internet relies on a complicated mix of systems and protocols to work. Friday’s attack targeted a key aspect of the Internet — the domain name system. Every time your desktop or phone browser asks to load the Web page for, say, http://www.washingtonpost.com, specialized servers need to turn the Web address into a series of numbers — the IP address — to figure out where the request ought to be sent. The company that was hacked Friday runs part of the domain name system. The hackers sent so many requests to the domain name servers that they were overwhelmed.
This kind of attack is called a distributed denial of service attack, or DDoS attack. It used to be thought of as a relatively unsophisticated instrument, and many forms of DDoS can be easily repelled, once the target of the attack realizes what is going on. Both activists (such as members of the loose Anonymous collective) and state actors (looking to silence inconvenient dissidents offshore) have used DDoS attacks in the past. Such attacks led Google to create Project Shield, which was intended to deploy Google’s massive resources to protect actors who might otherwise be effectively silenced by nefarious actors.
These attacks have escalated.
Unfortunately, such attacks have escalated dramatically over time. The problem started with unsecured computers. Many people (almost certainly including readers of this article) are bad at keeping their computer operating systems updated, with the result that their computers have been quietly subverted and made part of ‘botnets’ made up of thousands of enslaved machines. These computers can then be turned against a target system, repeatedly bombarding it with demands until it is effectively taken off the Internet. Criminals have herded botnets to blackmail the owners of gambling websites by threatening to keep them offline with DDoS attacks until a ransom is paid.
Read the full piece at The Washington Post.