Interesting People mailing list archives

Re Someone Is Learning How to Take Down the Internet


From: "Dave Farber" <farber () gmail com>
Date: Mon, 24 Oct 2016 16:43:36 -0400




Begin forwarded message:

From: Ross Stapleton-Gray <ross.stapletongray () gmail com>
Date: October 24, 2016 at 4:31:38 PM EDT
To: DAVID FARBER <dave () farber net>
Subject: Re: [IP] Someone Is Learning How to Take Down the Internet

I hear "sophisticated" thrown around a lot, in reporting on cybersecurity... I think that's a lazy word.  What 
exactly would we say is sophisticated about the major DDoS attacks?  Lots of moving parts, and something requiring 
engineering precision?  Or, in the aggregate, just a bunch of interesting (though familiar) little things?  An attack 
that employs some zero-day exploit shouldn't be called sophisticated, if the perpetrator merely swapped some bitcoin 
with the person that actually reverse-engineered the code, etc.

I also wouldn't rush to assume "large nation state" due to the scale of the attack; one passably good network 
engineer could probably pull off any of these, given what can be automated, outsourced, etc., etc. (exactly what, in 
the Dyn attacks, would require much more than what one experienced engineer and the wherewithal to buy some bots 
could achieve?  Lining up a lot of ducks, before pushing the "fire" button, doesn't make for sophistication, just 
garden-variety duck-scheduling skills, time and perhaps a little money.)

Schneier's suggesting that it looks like cyberwar "calibration" due to the apparent thoroughness of the attacks in 
running through a range of options might be a good guess, and certainly would make sense, but there's no reason it 
couldn't also be a diligent doctoral student with OCD, and we'll see an anonymous submission to a future network 
conference on how anyone with $100 in seed capital can take down the Western world...

Ross
 
Someone Is Learning How to Take Down the Internet
By Bruce Schneier
Sep 13 2016
<https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html>

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the 
Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these 
companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but 
it feels like a large nation state. China or Russia would be my first guesses.
...
They're more sophisticated.

 ...

Who would do this? It doesn't seem like something an activist, criminal, or researcher would do. Profiling core 
infrastructure is common practice in espionage and intelligence gathering. It's not normal for companies to do 
that. Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors.


