Attackers reported to be operating from China launched a massive flood against several large network operations centers at 8:00am CST on March 8, 2011. As many as 1.5 million packets per second paralyzed the targeted networks. The perpetrators had first used malware to compromise poorly secured servers all over the Internet, then directed those servers to flood their targets in unison. This is a distributed denial of service attack, or DDoS for short: the denial of service is the flood, and "distributed" refers to the many compromised hosts that generate it.
After the poorly protected servers were infected, they became zombies (bots), polling a remote command-and-control server for instructions. When the command was given, the army of zombie servers began attacking networks carrying an opposing political point of view. Blogging sites such as WordPress and others have experienced such an attack in the past week.
So how much damage can an army of zombies do? It is not so dissimilar to a zombie movie. You know, the one where someone is talking to a friend and they don't realize they've been infected, and suddenly they turn on them and begin chewing on their necks. You might think that these zombie servers are off in some far-away country. Not so. Many are right here in our midst, because a zombie is simply whatever poorly secured machine got infected, wherever it sits. That is also why the source addresses of a flood tell you where the zombies are, not who is giving them orders. It is not as simple as AT&T cutting one cable to disconnect the threat. The attackers come from everywhere. It's a zombie fest where you have to block many zombies coming from many directions at once, and no single one of them carries enough of the traffic for blocking it to matter. Together they can literally stop all communication dead in its tracks.
How much trouble can zombies cause? Basically, when zombie servers attack, your network can become as isolated as those folks caught in the local shopping mall trying to fend off the zombies coming in through the doors, the windows and straight through the walls. We have become so dependent on the Internet that everything riding on it is subject to failure. Even the phones can die, because many now use voice over IP (VoIP) and carry calls over the same Internet links that the flood saturates. It is a critical problem and a vulnerability for America.
Are there any weapons that will kill the zombies? The answer to that question is yes. Cisco makes a product that watches the traffic coming into a network, detects the abnormal packet rates and patterns of a flood, and takes corrective action by dropping or diverting the attack traffic, as do other companies. The problem is that many large network companies don't use them. Large Internet carriers like AT&T don't discriminate; they forward packets regardless of their nature and make no attempt to distinguish zombies from legitimate users. What a carrier will typically do on request is black-hole all traffic to the victim's address, which keeps the flood off its links but also finishes the attacker's job for that host. Otherwise it is left to the network operations center to fend for itself. There is a catch even for those who can: a detection appliance at your own edge only helps while your inbound link still has capacity, because once a flood fills the upstream pipe the packets must be stopped further upstream. An operation with a big budget can afford this kind of equipment and the carrier services to go with it, but it is still out of reach for a small operation.
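What such a detector actually does is fairly simple at its core: it measures packet rates per time window against a baseline, raises an alert when the rate jumps, and reports where the traffic is coming from. The following is an added example written for this page; it is not code from the original post and not from any Cisco or other vendor product. It assumes a simple NetFlow-style record (timestamp, source, destination, packet count), a hypothetical threshold of ten times the median per-second rate, and a constructed sample in which five ordinary clients send 1,000 packets per second and then 200 zombies join in at 100,000 packets per second. It also shows why per-zombie blocking is hopeless: the three busiest sources in the flood carry only about 1.5% of it.

```python
"""Added example: a packet-rate anomaly detector over constructed flow records.

Not code from the original post or from any vendor product. Assumes a
simple NetFlow-like record (timestamp, source, destination, packet count)
and a hypothetical threshold of 10x the median per-second rate.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Flow:
    ts: float       # seconds since epoch (constructed values below)
    src: str        # source IP address
    dst: str        # destination IP address
    packets: int    # packets counted in this record


def bucket_by_window(flows, window=1.0):
    """Group flows into fixed windows: {start: (total_packets, Counter(src -> packets))}."""
    buckets = defaultdict(lambda: [0, Counter()])
    for f in flows:
        start = int(f.ts // window) * window
        buckets[start][0] += f.packets
        buckets[start][1][f.src] += f.packets
    return {start: (total, per_src) for start, (total, per_src) in buckets.items()}


def detect_flood(flows, window=1.0, multiplier=10.0, top_n=3):
    """Flag windows whose packet rate exceeds multiplier x the median window rate.

    Returns one dict per flagged window. The median is taken over all windows
    in the sample, so a burst stands out against a longer quiet baseline. A
    sustained attack that dominated the whole sample would raise the median
    and hide itself, which is why production detectors keep a trailing
    baseline learned from known-quiet periods instead.
    """
    buckets = bucket_by_window(flows, window)
    rates = {start: total / window for start, (total, _) in buckets.items()}
    baseline = median(rates.values())
    alerts = []
    for start in sorted(buckets):
        total, per_src = buckets[start]
        pps = rates[start]
        if pps > multiplier * baseline:
            top = per_src.most_common(top_n)
            alerts.append({
                "window_start": start,
                "pps": pps,
                "baseline_pps": baseline,
                "distinct_sources": len(per_src),
                "top_sources": top,
                # share of the window's packets the busiest sources account for
                "top_share": sum(p for _, p in top) / total,
            })
    return alerts


def share_dropped(per_src, blocked):
    """Fraction of a window's packets removed by dropping the given source addresses."""
    total = sum(per_src.values())
    if not total:
        return 0.0
    return sum(per_src[s] for s in blocked if s in per_src) / total


def constructed_flows():
    """Constructed sample: 10 s of normal traffic, then 3 s of a 200-source flood."""
    legit = [f"198.51.100.{i}" for i in range(1, 6)]   # 5 ordinary clients (RFC 5737 test range)
    bots = [f"192.0.2.{i}" for i in range(1, 201)]      # 200 zombies (RFC 5737 test range)
    victim = "203.0.113.10"
    flows = []
    for second in range(13):
        for src in legit:                                # 5 x 200 = 1,000 pps baseline
            flows.append(Flow(second + 0.5, src, victim, 200))
        if second >= 10:                                 # 200 x 500 = 100,000 pps flood
            for src in bots:
                flows.append(Flow(second + 0.5, src, victim, 500))
    return flows


if __name__ == "__main__":
    flows = constructed_flows()
    for a in detect_flood(flows):
        print(f"t={a['window_start']:.0f}s pps={a['pps']:.0f} "
              f"(baseline {a['baseline_pps']:.0f}) sources={a['distinct_sources']} "
              f"top {len(a['top_sources'])} sources carry {a['top_share']:.1%}")
    _, per_src = bucket_by_window(flows)[10.0]
    top3 = [s for s, _ in per_src.most_common(3)]
    print(f"blocking the 3 busiest sources drops {share_dropped(per_src, top3):.1%} of the flood")
```

The detector finds the three attack seconds at 101,000 packets per second against a 1,000 pps baseline and 205 distinct sources. Blocking the three busiest sources removes about 1.5% of the traffic, which is the practical meaning of "zombies coming from many directions": mitigation has to work on the aggregate (rate limiting, scrubbing, upstream filtering), not on a blocklist of individual addresses.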
The bottom line is that we know this is a national-security problem, and we have technical mitigations for it. The question is: what is the plan to protect American infrastructure? I feel like the professor shouting Bueller, Bueller – it's an '80s thing.