Cybersecurity researcher Bruce Schneier published a provocatively titled blog post — “Someone Is Learning How to Take Down the Internet” — which can either be interpreted as shocking or blasé, depending on your perspective. The gist is that sources within high-level web infrastructure companies told Schneier that they’re facing increasingly sophisticated DDoS attacks:
“These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.”
Schneier goes on to speculate that the culprit is a state actor, likely Russia or China. So, I have a few reactions:
1) I would be very surprised in the opposite case, if Schneier asserted that no one was trying to figure out how to take down the internet. Just like the executives of public companies have a fiduciary duty to be as evil as possible in order to make money for their shareholders, government agencies have a mandate to be as evil as possible in order to maintain global power.
When I say “evil” I don’t mean that they’re malicious. I mean they end up doing evil things. And then their adversaries do evil things too, upping the ante. Etc, etc.
2) Schneier’s disclosure may end up in the headlines, but the disclosure itself is not a big deal in the grand scheme of things. Venkatesh Rao said (in reference to Trump, but it’s still relevant), “It takes very low energy to rattle media into sound and fury, ‘break the Internet’ etc. Rattling the deep state takes 10,000x more energy.”
3) I don’t expect whoever is figuring out how to “DDoS ALL THE THINGS!” to actually do it anytime soon. Take this with a grain of salt, since I’m not a NatSec expert by any means, but it would be counterproductive for China, Russia, or the United States itself to take the internet offline under normal circumstances. “Normal circumstances” is key — the expectations change if an active physical conflict breaks out, as some Hacker News commenters noted.
I suspect that being able to take down the internet is somewhat akin to having nukes — it’s a capability that you’d like your enemies to be aware of, but not necessarily one that you want to exercise.
I also like what “Random Guy 17” commented on Schneier’s original post: “An attack on a service is best done by an attacker that doesn’t need that service.”
Comments are closed.