In one of the most significant hack attempts of the past few years, attackers tried to take down key parts of the Internet by targeting critical routing servers.
On February 6, attackers launched a distributed denial-of-service  attack on three of these "root" servers, which help direct global Internet traffic by resolving domain names to IP addresses.
Experts are noting in news reports that there is no evidence so far of lasting damage, a development that is being touted as a sign of success for the servers' security measures.
Involved in the attack were servers operated by the U.S. Defense Department, the Internet Corporation for Assigned Names and Numbers (ICANN), and UltraDNS, a company that manages traffic primarily for .org Web sites.
Strong, Maybe Steady
Following the attacks, Paul Levins, vice president of corporate affairs at ICANN, noted in news reports that the most interesting element of the concerted attack is that the system demonstrated how valuable it is that key parts of the Internet are dispersed, yet interoperable. Although the root servers are connected, there is no single point of failure, he emphasized.
Graham Cluley, senior technology consultant at security firm Sophos, offered a similar take. The way the Internet is architected, he said, makes it unlikely that hackers would be able to bring down the Internet as a whole.
"The Net is becoming more resilient all the time, and has been designed intentionally to try and deflect this kind of attack," he noted. "Indeed, the origins of the Internet are based upon a communications infrastructure built by the American military in the event of war."
Although hackers are getting smarter, it is also comforting to know that there are "lots of very smart, good guys" working continuously to reinforce the Internet, Cluley said.
These workers often run through horror scenarios, he added, to predict what type of attack could be attempted and figure out how criminals could disrupt global communications.
Zombie Parade
Levins and others involved with the key servers have noted that it is too early to provide results on exactly how the attackers managed the assault, but there has been some speculation that zombie computers might have been involved.
Zombies PCs -- machines secretly commandeered by hackers from unsuspecting users -- could have brought the Web to its knees, Cluley noted, and should be a wake-up call that more needs to be done to tackle the root of the problem.
"Society is almost totally reliant on the Internet for day-to-day communication," he said. "It's ironic that the people who depend on the Web may have been the ones whose computers were secretly trying to bring it down."
What is certain, Cluley added, is that the authorities are not going to see the attack as a prank, or a way for hackers to boast about getting to the key servers. "The criminals are asking for trouble; it's like trying to steal a salmon from a grizzly bear," he said. "I wouldn't want to be in the bad guys' shoes right now."
|
