Pundits say that the recent hacker threats of shutting the Internet’s root Domain System (DNS) servers and cutting online connectivity won’t be possible, at least not at the moment.
The hackers are alleged members of Anonymous who intends to carry out their so-called “Operation Global Blackout” on March 31. The ploy will serve as a retort against Wall Street for implementing SOPA, calling them “irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs.”
The group avers of having able to compile a “Reflective DNS Amplification DDOS tool” based on AntiSec’s DHN tool. Here’s a fraction of their Pastebin post detailing the basics:
“The principle is simple; a flaw that uses forged UDP packets is to be used to trigger a rush of DNS queries all redirected and reflected to those 13 IPs (of the targeted root DNS servers),” the post notes. “The flaw is as follow; since the UDP protocol allows it, we can change the source IP of the sender to our target, thus spoofing the source of the DNS query.”
As menacing and convincing as that may sound, experts say that taking down the worldwide web wouldn’t be a walk in the park. Rod Rasmussen, president and chief technology officer of security firm IID, pointed out that root operators are already aware of this threat, and it’s been there for some time. Previous attack has only incurred it minimal negative effects. Errata Security CEO Robert Graham also said that it’s virtually impossible to take down all of the Internet’s servers for significant periods.
“To have a serious shot at taking out all 13, a hacker would have to test out attacks on each one,” Graham blogged. “But, the owners of the systems would notice the effectiveness of the attacks, and start mitigating them before the coordinate attack against all 13 could be launched.”
“The #Anonymous hackers can [certainly] cause local pockets of disruption, but these disruptions are going to be localized to networks where their attack machines are located, or where their “reflectors” are located,” he continued. “They might affect a few of the root DNS servers, but it’s unlikely they could take all of them down, at least for any period of time. On the day of their planned Global Blackout, it’s doubtful many people would notice.”
Because of the operation being a flurry of miscalculations, Ramussen suspects that the “Pastebin post was a hoax or ‘troll’ by an individual rather than any collective/consensus operation. Regardless of the authenticity of this specific threat, the root operators are continuously working on mitigating issues, most of which being unintentional, that could potentially impact the core DNS, and doing a pretty good job overall.”
“The case for this being a troll is an easy one,” said Kit Dotson, SiliconANGLE’s HackANGLE editor; “it’s the function of Anonymous as a group that depends not just on consensus of idea, but of action, and most of the individuals who choose to take up that banner use the Internet on a regular basis. There’s so little reward to taking down the Internet itself–especially if the point is that other governments are trying to censor it–that most individuals won’t want to be part of this, which will greatly diminish any impact it could possibly have.”
This isn’t the first time an Anonymous subgroup threatened to take down the Internet. There was one that was scheduled to happen on March 8, then it was pushed to March 30, and this they will carry out still by aiming a distributed denial-of-service attack at the DNS root servers. This has taken Anonymous at long lengths but the FBI has a kill switch that thanks to a massive infection by a DNS hijacking virus, could actually disrupt portions of the Internet with just a press of a button, and they might flip that switch on March 8.