Skip to main content

Is a major entity trying to learn how to take down the internet?

A hand on a laptop in a dark surrounding.
In recent years, distributed denial-of-service (DDoS) attacks have become increasingly prevalent across the internet. These techniques use a barrage of data to overwhelm a site’s servers and render it inaccessible to ordinary users — and now there’s evidence that an unknown entity is preparing to level this kind of assault against key web infrastructure.

Some of the companies that help keep the web up and running have reported an increase in DDoS attempts against their services in recent months, according to a report from Bruce Schneier. The security expert suggests that these attacks could be part of a “probing” process intended to figure out what their targets can and cannot withstand.

Related Videos

The victims have apparently been “forced to demonstrate their defense capabilities for the attacker,” as the unknown originator of these probes has been steadily increasing its level of attack over a period of time. The theory is that the attacks are intended to hone in on the exact point where a service’s defenses fail.

Schneier is unable to refer to specific companies that he’s been in contact with, but he claims that what they’re reporting is consistent with statements made by web infrastructure firm Verisign. Earlier this year, the company published a report asserting that DDoS attacks against its services had become “more frequent, persistent, and complex” in recent months.

The relevance of this to the average web user is that Verisign is the registrar for domains like .com and .net. If the company was to be successfully taken down by a DDoS attack, all websites and email addresses related to those domains could suffer what Schneier describes as a “global blackout.”

Schneier rules out activists, criminals, and researchers as likely culprits, and instead points toward espionage as the root of these probing attacks. Based on the size and scale of the operation, it seems probable that state actors are responsible — although it’s difficult to determine exactly who is pulling the strings. “It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar,” wrote Schneier.

Editors' Recommendations

Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more
Cloudflare reports a massive 175% increase in DDoS attacks
Person using laptop with security graphics in front.

Cloudflare, a web infrastructure and security company, has just released a report titled "DDoS Attack Trends for Q4 2021." According to Cloudflare, 2021 has been a particularly bad year in terms of DDoS attacks.

Ransom distributed denial of service (DDoS) attacks increased by over 175 percent quarter over quarter, highlighting the large scale of the problem described by Cloudflare.

Read more
Major Cloudflare outage takes down Discord, Postmates, and other sites
global internet usage one zettabyte computer server room information cloud web net

Internet service giant Cloudflare suffered an outage Friday afternoon, knocking out service to many websites and services, including popular chat app Discord.

According to the Cloudflare's System Status page, the web services provider was suffering "network and resolver issues."

Read more