Skip to main content

Is a major entity trying to learn how to take down the internet?

A hand on a laptop in a dark surrounding.
Image used with permission by copyright holder
In recent years, distributed denial-of-service (DDoS) attacks have become increasingly prevalent across the internet. These techniques use a barrage of data to overwhelm a site’s servers and render it inaccessible to ordinary users — and now there’s evidence that an unknown entity is preparing to level this kind of assault against key web infrastructure.

Some of the companies that help keep the web up and running have reported an increase in DDoS attempts against their services in recent months, according to a report from Bruce Schneier. The security expert suggests that these attacks could be part of a “probing” process intended to figure out what their targets can and cannot withstand.

The victims have apparently been “forced to demonstrate their defense capabilities for the attacker,” as the unknown originator of these probes has been steadily increasing its level of attack over a period of time. The theory is that the attacks are intended to hone in on the exact point where a service’s defenses fail.

Schneier is unable to refer to specific companies that he’s been in contact with, but he claims that what they’re reporting is consistent with statements made by web infrastructure firm Verisign. Earlier this year, the company published a report asserting that DDoS attacks against its services had become “more frequent, persistent, and complex” in recent months.

The relevance of this to the average web user is that Verisign is the registrar for domains like .com and .net. If the company was to be successfully taken down by a DDoS attack, all websites and email addresses related to those domains could suffer what Schneier describes as a “global blackout.”

Schneier rules out activists, criminals, and researchers as likely culprits, and instead points toward espionage as the root of these probing attacks. Based on the size and scale of the operation, it seems probable that state actors are responsible — although it’s difficult to determine exactly who is pulling the strings. “It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar,” wrote Schneier.

Editors' Recommendations

Brad Jones
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
Hackers just launched the largest HTTPS DDoS attack in history
A depiction of a hacker breaking into a system via the use of code.

The largest ​​HTTPS distributed denial-of-service (DDoS) attack in history materialized last week, Cloudflare has confirmed.

Cloudflare, which specializes in DDoS mitigation, announced that it successfully prevented the record-breaking onslaught before it could inflict any real damage.

Read more
Cloudflare just stopped one of the largest DDoS attacks ever
Hands on a laptop.

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

The HTTPS DDoS attack was one of the largest such attacks ever recorded, and it came from unusual sources -- data centers.

Read more
Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more