Interesting People mailing list archives
Re Someone Is Learning How to Take Down the Internet
From: "Dave Farber" <farber () gmail com>
Date: Mon, 24 Oct 2016 16:43:36 -0400
Begin forwarded message:
From: Ross Stapleton-Gray <ross.stapletongray () gmail com> Date: October 24, 2016 at 4:31:38 PM EDT To: DAVID FARBER <dave () farber net> Subject: Re: [IP] Someone Is Learning How to Take Down the Internet I hear "sophisticated" thrown around a lot, in reporting on cybersecurity... I think that's a lazy word. What exactly would we say is sophisticated about the major DDoS attacks? Lots of moving parts, and something requiring engineering precision? Or, in the aggregate, just a bunch of interesting (though familiar) little things? An attack that employs some zero-day exploit shouldn't be called sophisticated, if the perpetrator merely swapped some bitcoin with the person that actually reverse-engineered the code, etc. I also wouldn't rush to assume "large nation state" due to the scale of the attack; one passably good network engineer could probably pull off any of these, given what can be automated, outsourced, etc., etc. (exactly what, in the Dyn attacks, would require much more than what one experienced engineer and the wherewithal to buy some bots could achieve? Lining up a lot of ducks, before pushing the "fire" button, doesn't make for sophistication, just garden-variety duck-scheduling skills, time and perhaps a little money.) Schneier's suggesting that it looks like cyberwar "calibration" due to the apparent thoroughness of the attacks in running through a range of options might be a good guess, and certainly would make sense, but there's no reason it couldn't also be a diligent doctoral student with OCD, and we'll see an anonymous submission to a future network conference on how anyone with $100 in seed capital can take down the Western world... RossSomeone Is Learning How to Take Down the Internet By Bruce Schneier Sep 13 2016 <https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html> Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses. ... They're more sophisticated....Who would do this? It doesn't seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It's not normal for companies to do that. Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors.
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580 Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125 Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20161024164345:8C06D720-9A2A-11E6-87E2-7F5CF010038B Powered by Listbox: http://www.listbox.com
Current thread:
- Re Someone Is Learning How to Take Down the Internet Dave Farber (Oct 24)