Here’s one that didn’t get reported widely. Yesterday afternoon, the largest and most sophisticated attack ever was launched against servers worldwide that play a crucial role in running the entire Internet. The Internet is enormously resilient and users never noticed a slowdown or problem – but the attack came far closer to succeeding than anyone would have predicted.
The incident involved “distributed denial of service” (“DDOS”) attacks. Computers worldwide are hijacked with a virus or worm or some other exploit that takes advantage of a security vulnerability, and they’re used to overwhelm a particular network with an onslaught of data until the network can’t be used. In February 2000, Amazon.com, eBay, Yahoo, and a host of other big-name e-commerce sites came to a grinding halt for several hours due to DDOS attacks.
In this case, the targets were thirteen “root servers,” which act as a sort of master directory for the Internet. The Domain Name System (DNS), which converts complex Internet protocol addressing codes into the words and names that form e-mail and Web addresses, relies on the servers to tell computers around the world how to reach Internet domains.
The Internet is built so that eight or more of the root servers must fail before Internet users start to see slowdowns. The scary thing about yesterday’s attack is that according to one spokesperson, only four or five of the 13 servers were able to withstand the attack and remain available to legitimate Internet traffic throughout the strike. That’s the bare minimum to keep the Internet flowing freely.
Here’s a Washington Post article with more details. I haven’t seen any updates today about whether the attack has completely ended.
