Bruce Schneier: ‘Someone Is Learning How to Take Down the Internet’

Unknown attackers are probing the internet’s underlying infrastructure through DDoS attacks, according to Bruce Schneier, a cyber security expert and CTO at IBM’s Resilient.

The cyber security evangelist levelled his suspicions at hackers from large nation states, pulling no punches on naming the nations he believes such DDoS attacks may be coming from.

“Over the past year or two, someone has been probing the defences of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses,” he wrote on his Schneier on Security blog.

Breaking the internet

Schneier noted that recently there has been a surge in attacks against companies that provide the basic infrastructure for the internet; think major telecoms companies like AT&T. These attacks, according to Schneier, have been of a certain profile that indicates they are exploring the capacity of the companies to defend themselves against denial-of-service attacks.

“One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure,” he noted.

He added that the attacks being levelled at these infrastructure companies have been designed to attack across as many vectors as possible to see how the targeted firms’ defences counter the attacks.

“These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they’ve got to defend themselves. They can’t hold anything back. They’re forced to demonstrate their defence capabilities for the attacker,” said Schneier, noting these findings track with the DDoS trends identified by Verisign, the registrar for many popular top-level internet domains.

“There’s more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on,” he added. “Someone is extensively testing the core defensive capabilities of the companies that provide critical internet services.”

Dawn of the World Cyber War

Schneier said he does not know who would conduct such attacks, noting it is beyond the remit of activists, criminals and researchers. Due to the attacks’ size and persistence, he suspects the DDoS activity comes from state-sponsored actors, working in a pseudo-military fashion.

“It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defence systems to turn on, to map their capabilities,” he speculated, adding that there is little that can be done about such attacks given their origin is unknown.

However, he suggests the NSA, which “has more surveillance in the Internet backbone than everyone else combined”, could shed some light on the source of the DDoS attacks.

One could see this as the early warnings of a potential cyber war. As many superpowers have nuclear weapons, which act as deterrents under the idea that mutually assured destruction would render their use almost suicidal, gaining superiority in cyber warfare may be the next arms race.

However, it is worth speculating that a single attack on a major provider of internet infrastructure would have massive ramifications on the way the internet operates across the globe.

So taking down a major US ISP could have the knock-on effect of severing e-commerce and international banking between continents, thereby causing massive crashes in global stock markets and trade. In short, pulling the virtual carpet out from under the internet would affect more than one nation, due to the globalisation of business, and could be the cyber warfare equivalent of cutting one’s nose off to spite one’s face.

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.
