A nation state is learning how to take down the internet, according to IT security expert Bruce Schneier. The report, using data gathered from the Akamai Intelligent Platform™, highlights the cloud security landscape, specifically trends with DDoS and web application attacks, as well as malicious traffic from bots. They’re sophisticated and more notably, they’re probing.
Advertisement
All this, then, could be leading up to some kind of major campaign to deliver a knockout blow to the internet, and he further theorises that this feels like something a nation state is organising – guessing at China or Russian Federation as his most likely candidates.
It is impossible to tell where the probing attacks are coming from, but this sort of cyber warfare is consistent with the capabilities of China, Iran, Russia and indeed the US. These attacks, according to Schneier have been of a certain profile that indicated they are exploring the capacity for the companies to defend themselves against denial-of-service attacks.
Schneier said in a blog post: “One week, the attack would start at a particular level of attack and slowly ramp up before stopping”.
Attacks would also continue from a higher point than they left off a week before, like someone looking for a point of failure. The theory is that the attacks are meant to hone in on the exact point where a service’s defenses fail.
He added that the attacks being levelled at theses infrastructure companies have been created to attack across as many vectors as possible to see how the targeted firms defences counter the attacks.
Many of these DDoS attacks against internet infrastructure are created to test the defense measures taken by companies. They can’t hold anything back. “They’re forced to demonstrate their defense capabilities for the attacker”.
The gaming and software industries remain the most frequently targeted industries for DDoS attacks over the last two quarters, the latest edition of Akamai’s State of the Internet Security Report (download link here, registration required) concludes.
It doesn’t seem like something an activist, criminal, or researcher would do.
“Furthermore, the size and scale of these probes – and especially their persistence – points to state actors”. “It feels like a nation’s military cyber command trying to calibrate its weaponry in the case of cyber war”, Schneier wrote.
One could see this as the early warnings of a potential cyber war.
Advertisement
However, he suggests the NSA, which “has more surveillance in the Internet backbone than everyone else combined”, could shed some light on the source of the DDoS attacks.
