Security Expert claims hackers are looking to "shut down the internet"

[Coaxialgamer]

I'm not saying this guy is right...  I'm juat saying there are plenty of people who think they know more than a qualified security expert because of things that were not disclosed in a bbc article for the general public... 

[Master Disaster]

18 minutes ago, Coaxialgamer said:

I'm not saying this guy is right...  I'm juat saying there are plenty of people who think they know more than a qualified security expert because of things that were not disclosed in a bbc article for the general public... 

You've got a good point, I'm sure there are details about this which we simply don't know but C'mon, it's absurd to think a single group could switch off the entire Internet. 

 

Sounds like something I'd expect to see from my favourite movie character... 

[Coaxialgamer]

4 minutes ago, Master Disaster said:

You've got a good point, I'm sure there are details about this which we simply don't know but C'mon, it's absurd to think a single group could switch off the entire Internet. 

 

Sounds like something I'd expect to see from my favourite movie character... 

 

again , the concept is absurd , to be sure . But the guy might have been told he was being interviewed by bbc and thus severely dumbed down his explanation . BBC might also have twisted the truth in order to get more views/clicks .

 

Maybe all he means is hackers could be shutting down many major links/nodes/websites , but not the "internet" itself  ( as it is a network that grows and evolves )

[Thaldor]

1 hour ago, Master Disaster said:

-snip-

Yep, that's why taking down DNS servers would be impossible and they are quite a much the backbone of the internet. At most you could take down internet from small area which has one single DNS server as their first hop or some server that is connected to a single DNS. Taking out one of the bigger DNS servers would wreak some chaos because they have fast ready made routes to big services like YouTube and many smaller DNS servers just make static route to them to guide users to the big services. If somebody was able to take out something like Googles main DNS server, it would be bad situation for about few minutes when there would be possibility to knock out some small DNS servers because something like ISP and even country DNS servers would have static routes to the Google DNS to get users to the YouTube nad when the Google DNS would go down these big DNS servers would start to send quaries everywhere about where they can find YouTube as fast as possible and some small DNS servers could have faster routes to the YouTube than some bigger ones (which would have some alternative route to the YouTube which wouldn't include Google DNS) and these big DNS servers would send their thousands even millions of users and quaries about YouTube to these small DNS servers which couldn't handle the traffic. But the situation wouldn't be anything bad, acctually probably all of the bigger DNS servers from time to time proof their static routes by deleting them and making new ones and blocking some other DNS servers access to them to force them to find alternative routes or even sending them info about alternative routes just to make sure there's healthy amount of possible routes to big services for the cases where some huge DNS servers would go down.

[Doobeedoo]

No way whole Internet can be crashed just so.
Though it makes it impossible to stop Terminators from communicating once that comes.

[Yoinkerman]

If they can disable the main DNS servers, either directly or pump out broken tables or corrupting them, in a way that causes servers connected to them to error out their tables, it could cascade and effectively knock out much of the internet.

 

If they can screw up access to facebook and Google and routes banks use for stuff, it will wreak much havoc, they don't have to bring *everything* down.

[VerticalDiscussions]

1 hour ago, Master Disaster said:

-snip-

But a Trillion is x1000 a Billion... :o?

[Thaldor]

26 minutes ago, Yoinkerman said:

If they can disable the main DNS servers, either directly or pump out broken tables or corrupting them, in a way that causes servers connected to them to error out their tables, it could cascade and effectively knock out much of the internet.

 

If they can screw up access to facebook and Google and routes banks use for stuff, it will wreak much havoc, they don't have to bring *everything* down.

It's not that simple. iirc Googles main DNS servers are their own datacenters, we are talking about probably terabit class connections, ability to handle all Googles internal traffic (if you thought all of the YouTube videos were on same server or datacenter, you're very wrong, they just fetch those from all of the datacenters all around the world) and external traffic. There's 24/7 tech teams which are more than capable handling some DDoS attacks and DNS attacks. And even if someone was able to start getting them to kneel, they can always pull the plug and after few minutes they are back online like nothing ever happened. And if those fail and someone was able to bring them down, there's still a lot of DNS servers out there and they probably just were able to stop Googles services for few minutes or few hours.

 

Yes, it's possible, but those who could do something like that are few and I belive there's a lot more to catch for people with that kind of skillsets than just being nuicance and being able to disable one part (even if it's huge) of teh internet for max. few hours. Hell, even if somebody gained botnet huge enough to even being more than a nuicance to something like main DNS servers, there's a lot more profitable use for that than just DDoS attack (with that caliber botnet you would probably make yourself quite rich only by mining some bitcoins or try to break some security walls to get access to stock markets or bank databases). So, if someone had the resources to even try falling some part of the internet and went on with it, that person would be really stupid.

[vorticalbox]

the internet was designed the resist parta of it going down and routing traffic around the down parts.

 

it would need attacks at a large number of points to take the internet down.

[SSL]

Did anyone here actually read the article?

 

4 hours ago, JCBiggs said:

yeah... i don't think that people who think they can crash the entire internet, really understand how the internet actually works.  its designed to survive nuclear war in every major city in the world..  and in the unlikely even the "net" does fail... some basic re-configs can build city wide intranets with basically the same function. Then there is the mesh networks......yeah.. im not worried.

 

not to mention.. the ai is already selfaware and working in the background to keep itself viable.

 

4 hours ago, JCBiggs said:

agreed that attackers could seek vulbnerbilities to crash exchanges, markets, induvidual power companies...etc..... but the essence of the post was cutting off the entire internet...which outside of a complete and utter breakdown of physics, is practically impossible. 

 

4 hours ago, Master Disaster said:

I don't know. I mean if you simultaneously hit enough data centers at the same time I'm sure you could create pretty big problems for a very large number of people around the globe. 

 

I just doubt that's their intention and even if it was that they have access to enough bandwidth to pull it off. 

 

4 hours ago, KuJoe said:

Is it just me or does this "security expert" not understand how BGP works? One peer goes down it has no impact on the rest of the internet and there are no "key" routers that are required for BGP to work.

 

4 hours ago, System Error Message said:

Have you seen the routers used in these exchanges? They're cisco blade server routers with so much CPU and memory. I dont think you could crash them with DDoS or hacking with the amount of hardware resource that they have, the best you can do is just saturate a few links which wouldnt make them crawl to a halt. The only way would be launching missiles at this facility.

 

DDoS is a brute force type of attack, its not a hack. Hacking would mean exploiting like sending a packet that causes a buffer overflow eventually causing it to crash. So we can say the chinese and russians arent hackers, just script kiddies.

 

3 hours ago, Master Disaster said:

You know what, I've just thought of a huge issue with this plan. 

 

Assuming they had the bandwidth (let's say they had a botnet of 1 billion PCs) to take down enough data centers to crash the internet. Well as soon as they crash it they lose their DDOS attack and the problem almost instantly goes away. 

 

3 hours ago, Thaldor said:

Shutting down the internet, LoL, good luck with that. Only way to make some great damage would be to target the DNS servers, but then again it's too easy to reroute incoming connections to other DNS servers and it's very unlikely someone would have enough computing power and bandwidth to start crashing every single DNS server out there (every ISP has at least 1 DNS server, Google has at least 2 public and few private DNS servers, Cisco has it's own DNS servers, probably Microsoft and Amazon has few DNS servers, but any way there's a lot of them and probably many are even hidden from public as backups). They would be probably more succeful to try to hack to Googles core and change "request.password" to "return true" and making every single Google account litterally password free (also he damage would be far greater and effect far worse).

 

And really, a DDoS attack? Probably the oldest network attack there is and which can be prevented on so many levels. Only one kind of servers can be crashed now days with DDoS attacks, outdated firmwares and OSs and unattended or poorly attended. And even if they got some server to it's knees and it would be somehow some knot in the internet, it would just go offline and everything else would just find a route around it. You can also think about The PIrate Bay, one internet service that just refuses to die, they try to block it, take down the servers, physically confescate the servers and all they are able to do is to get it off the net for few minutes or few hours the best and it pops up somewhere else. If that kind of technology is available to "consumers" what might someone like Google have in their hands.

 

Also, if against every odd they managed to shut down the internet, it would come back in few minutes. Also the internet is only one "hyper network", darknet would be untouched by closing of the internet, freeweb couldn't care less about closing down the internet not to mention all P2P-networks and private networks and pretty much a lot of other stuff that would be like "oh, the internet closed, well who cares we just can't use Google for few minutes".

 

3 hours ago, huilun02 said:

What a strange line of thought. If one was so intelligent to perform such a task, would have figured out that attacking a single point of failure means fixing that point of failure would bring everything back up.

 

I can think of a better way to cause damage, like distributing a well hidden malware that corrupts/zeroes out all data on every infected computer at set point in time.

 

11 minutes ago, vorticalbox said:

the internet was designed the resist parta of it going down and routing traffic around the down parts.

 

it would need attacks at a large number of points to take the internet down.

 

Sorry, but these comments stink of armchair "expertise". Any actual explanations or just a lot of noise to the effect "I doubt this is possible based on a Wikipedia article I read"?

 

[samcool55]

I guess if you launch multiple attacks at a lot of networks you can take it out completely, for a short time. But that's a very ambitious plan that has a very small chance of completely succeeding.

 

And in the end there are a LOT more network experts out there than attacking govs so regardless what they try, experts will find a way to get everything back online eventually

 

In the very very worst case it causes a sort of "reset" and knowing the internet it can probably recover from any kind of attack very quickly.

[System Error Message]

1 minute ago, SSL said:

Did anyone here actually read the article?

 

 

 

 

 

 

 

 

 

 

Sorry, but these comments stink of armchair "expertise". Any actual explanations or just a lot of noise to the effect "I doubt this is possible based on a Wikipedia article I read"?

 

Wikipedia isnt the best source. What im saying is that its not possible to use brute force to take down the internet as theres no off switch. The internet is a very distributed thing. Hacking is very difficult nowadays as it involves finding flaws, exploiting, using maths and lots of other things. Im saying the chinese arent hacking, they're just brute forcing and using trojans and phishing in order to get around rather than actually hacking the network.

 

As i was saying the only way to take down the internet would be to destroy every exchange but that wont destroy internal networks or satellite internet.

 

There is a website that provides life feed of attacks, showing how much of internet traffic is DDoS and where.

[SSL]

Just now, System Error Message said:

 

Wikipedia isnt the best source. What im saying is that its not possible to use brute force to take down the internet as theres no off switch. The internet is a very distributed thing. Hacking is very difficult nowadays as it involves finding flaws, exploiting, using maths and lots of other things. Im saying the chinese arent hacking, they're just brute forcing and using trojans and phishing in order to get around rather than actually hacking the network.

 

As i was saying the only way to take down the internet would be to destroy every exchange but that wont destroy internal networks or satellite internet.

 

There is a website that provides life feed of attacks, showing how much of internet traffic is DDoS and where.

 

So you didn't read the article. Thanks for confirming.

[vorticalbox]

6 minutes ago, SSL said:

Did anyone here actually read the article?

 

 

 

 

 

 

 

 

 

 

Sorry, but these comments stink of armchair "expertise". Any actual explanations or just a lot of noise to the effect "I doubt this is possible based on a Wikipedia article I read"?

 

didn't actually read it which I will get too. From my understanding the internet was design the resist attacks by routing packets anywhere in the network the destination.

 

when I read "looking for off switch" I assumed they were trying to find a single point of failure which by design shouldn't exist.

[SSL]

Just now, vorticalbox said:

didn't actually read it which I will get too. From my understanding the internet was design the resist attacks by routing packets anywhere in the network the destination.

 

when I read "looking for off switch" I assumed they were trying to find a single point of failure which by design shouldn't exist.

 

Then read the article. You and everyone else is getting hung up on the lame title.

 

To be fair, Schneier is cagey with actual information, because apparently the organizations he's discussed it with have requested that he keep it under wraps.

[System Error Message]

 

1 minute ago, SSL said:

 

So you didn't read the article. Thanks for confirming.

What wikipedia article? Its BBC not wikipedia.

Many "experts" and politics that i see on the news and such are usually silly.

 

I've seen this sort of news and articles quite a lot of times for the same thing, DDoS. DDoS isnt hacking, its a brute force attack and is only hacking if it is used to take advantage of some exploit i.e. a switch turning into a hub.

[SSL]

Just now, System Error Message said:

What wikipedia article? Its BBC not wikipedia.

Many "experts" and politics that i see on the news and such are usually silly.

 

I've seen this sort of news and articles quite a lot of times for the same thing, DDoS. DDoS isnt hacking, its a brute force attack and is only hacking if it is used to take advantage of some exploit i.e. a switch turning into a hub.

 

https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html

 

As for whether DDoS is hacking, that's a semantic argument and not really relevant to the conclusion of the article.

[System Error Message]

1 minute ago, SSL said:

 

https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html

 

As for whether DDoS is hacking, that's a semantic argument and not really relevant to the conclusion of the article.

But the article calls them hackers, i wouldnt. Especially if they dont realise there is no "off switch"

[QueenDemetria]

If they want to turn off the internet they should just unplug their modem, simple as that.

[SSL]

9 minutes ago, System Error Message said:

But the article calls them hackers, i wouldnt. Especially if they dont realise there is no "off switch"

 

It really doesn't matter what they're called. The phrase "off switch" doesn't appear in the original source article.

[Master Disaster]

7 minutes ago, SSL said:

 

It really doesn't matter what they're called. The phrase "off switch" doesn't appear in the original source article.

So it's, as expected, the BBC dumbing down the article then. 

 

Well it seems someone at the BBC agrees with you because originally the headline said "looking for an off switch" but that has now been changed to "put out of action". 

[Tech_Dreamer]

yeah it's called a nuclear holocaust , no more people , no more internet

[Master Disaster]

Just now, Tech_Dreamer said:

yeah it's called a nuclear holocaust , no more people , no more internet

Now your getting into proper tinfoil hat territory. 

[Dabombinable]

In some ways it would be a good thing, the current Internet is going to shit (government+SJW meddling and all that), and it would facilitate people moving to a new one (entirely possible BTW).

[Prysin]

6 hours ago, Master Disaster said:

snip

how about you probe your post and find out how to format it so night mode users doesnt get cancer from the formatting. Dear god its horrible.