NATION STATE HACKERS LEARNING HOW TO TAKE DOWN THE INTERNET WARNS SECURITY EXPERT
A nation state is probing the defences of internet infrastructure firms to learn how to take it down, a cyber security expert has warned. Bruce Schneier said hackers, likely from China or Russia, are launching Distributed Denial of Service (DDoS) attacks against companies that run important parts of the internet.
He said the length and intensity of the attacks shows the culprits are likely testing the organisations’ defences to see how much they can take.
“These attacks are significantly larger than the ones they’re used to seeing,” Schneier wrote in a blog post. “They last longer. They’re more sophisticated. And they look like probing.
“One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.”
He added that the hackers were launching different kinds of DDoS attacks to they could “see what the company’s total defences are”, sometimes using three or four different vectors.
A strong attack on a company like Verisign, Schneier explained, could result in “a global blackout of all websites and email addresses in the most common top-level domains”.
After speaking to some of the companies involved, he said the patterns of attack looked like a nation state calibrating its cyber weapons, rather than an activist or criminal.
“It reminds me of the US’s Cold War programme of flying high-altitude planes over the Soviet Union to force their air defence systems to turn on, to map their capabilities,” he wrote.
Recent figures show the number of DDoS attacks has tripled in the last year and the UK is now the second most targeted nation.