By Andrew Noyes
National Journal's Technology Daily
April 5, 2007
The most serious threat to the Internet infrastructure in the 21st
century is a massive virtual blackout known as a "distributed denial of
service attack," an outspoken board member for the group that
administers Internet addresses said Thursday at a Hudson Institute
This type of high-tech ambush, which occurs when multiple compromised
systems flood the bandwidth or resources of a targeted server to make
Web pages unavailable, could be devastating for global online
communication, said Susan Crawford of the Internet Corporation for Names
The most significant attack in recent years came on Feb. 6, when six of
13 root-zone servers were slammed by an army of "zombie computers,"
which were compromised by hackers, the Cardozo Law School professor said
at the think tank event.
While the average Internet user's experience was not affected by the
attack, the incident underscored the fact that there is no real
oversight of those servers, whose components are backed up by other
machines around the world, Crawford said.
Prevention of DDOS attacks will eventually mean "having fewer zombies
out there," she said. "People are turning millions of PCs into
weapons... and we don't have a lot of data about what is happening.
Researchers are often operating in the dark," Crawford said.
The U.S. Computer Emergency Readiness Team and its facilitator, the
Homeland Security Department, are largely reactive in their approach.
"From the outside, it looks as if [DHS] doesn't really know what it's
doing," she said. "They're trying, but many of their efforts lack
timeframes for completion."
DHS also suffers from a high turnover rate among senior officials, but
the agency now has Greg Garcia as its cyber-security czar, who is
attempting to address the problem, Crawford said. He was previously vice
president at the Information Technology Association of America.
Garcia has talked about the need for legislation but Crawford said she
is "not convinced" that a new U.S. law can offer a cure for denial of
service attacks because congressional action "is too local for the
Crawford advocated turning more attention and money to focus on
prospective global educational efforts. A new multi-stakeholder entity
"with a new, friendly acronym" might be the best solution, she said.
"None of the existing institutions will work," Crawford said. ICANN
cannot do the job because its power is contractually based and too
narrow, and the recently launched Internet Governance Forum is "highly
political" and "not necessarily the best forum for a technical
discussion of best practices," she contended.
Crawford added that improvements in routing security, which is "how
packets go from one place to another," are also needed. A hacker could
inject phony paths into a routing algorithm in order to intercept
packets or trigger a DDOS attack. The susceptibility for such an assault
grows as the size of so-called "routing tables" increases to accommodate
the next-generation Internet known as IPv6, she said.
(c) 2007 by National Journal Group Inc. All rights reserved.
Subscribe to InfoSec News