"A new cyberweapon could take down the entire internet – and there's not much that current defences can do to stop it."
So say Max Schuchard at the University of Minnesota in Minneapolis and his colleagues, the masterminds who have created the digital ordnance.
So, what is it and how does it work?
The Way The Internet Works:
We have a “smart” system. Not all the connections work all the time. In reality, there are routers on the net which are ‘up’ and ‘down’ all the time.
Any given “message” is broken up into packets, which are shuttled around the blocked spots: the net checks whether the immediate next router is up or down and, if it is down, reroutes the packets. At the final step, the packets are reassembled into the original message. When a communication path changes, nearby routers inform their neighbors through a system known as the Border Gateway Protocol (BGP). These routers inform other neighbors in turn, eventually spreading knowledge of the new path throughout the internet.
The Method of Attack:
A previously discovered method of attack, named ZMW – after its three creators Zhang, Mao and Wang, researchers in the US who came up with their version four years ago – disrupts the connection between two routers by causing the ‘sending’ router to think the ‘receiving’ router is ‘down’.
When enough computers on the net are infected and made part of a huge “botnet”, the internet will be “down”, although in reality, it’s perfectly capable of transmitting information. How large a botnet is required? Schuchard has calculated approximately 250,000. This wouldn’t be the run-of-the-mill DDoS attack which swamps servers with traffic. This would be the opposite.
Here the botnet would map and identify central “choke” points and cut there. Rerouting traffic would only replicate the original process of mapping and cutting, in waves, because BGP updates take time to propagate. The backlog would become so great, the net would collapse. With every router in the world preoccupied, natural routing outages wouldn't be fixed, and eventually the internet would be so full of holes that communication would become impossible. Schuchard thinks it would take days to recover.
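The symptom described above, the same router-to-router links being reported “down” again and again in waves, is something an operator can watch for in session logs. The following is an added example, not code from the article or from the researchers; the log format, addresses, thresholds and function names are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format): timestamp, neighbor address, session state.
SAMPLE_LOG = """\
2024-01-01T10:00:00 203.0.113.9 DOWN
2024-01-01T10:00:05 192.0.2.1 DOWN
2024-01-01T10:00:30 198.51.100.7 DOWN
2024-01-01T10:00:50 192.0.2.1 UP
2024-01-01T10:01:10 198.51.100.7 UP
2024-01-01T10:01:40 192.0.2.1 DOWN
2024-01-01T10:02:00 198.51.100.7 DOWN
2024-01-01T10:02:20 192.0.2.1 UP
2024-01-01T10:02:30 203.0.113.9 UP
2024-01-01T10:03:10 192.0.2.1 DOWN
2024-01-01T10:03:30 198.51.100.7 UP
2024-01-01T10:04:20 198.51.100.7 DOWN
2024-01-01T10:30:00 203.0.113.9 DOWN
"""

def find_flapping_peers(log_text, window=timedelta(minutes=5), threshold=3):
    """Map each neighbor to the time its session had dropped `threshold`
    times within `window`. One isolated drop is treated as a normal outage."""
    recent = defaultdict(deque)   # neighbor -> timestamps of recent DOWN events
    alerts = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_text, peer, state = line.split()
        if state != "DOWN":
            continue
        ts = datetime.fromisoformat(ts_text)
        drops = recent[peer]
        drops.append(ts)
        while ts - drops[0] > window:      # forget drops older than the window
            drops.popleft()
        if len(drops) >= threshold and peer not in alerts:
            alerts[peer] = ts
    return alerts

def looks_widespread(alerts, min_peers=2):
    """Assumed heuristic: one flapping neighbor is likely a local fault;
    several flapping together is the wave pattern described in the text."""
    return len(alerts) >= min_peers

if __name__ == "__main__":
    found = find_flapping_peers(SAMPLE_LOG)
    for peer, when in sorted(found.items()):
        print(f"{peer} flapping as of {when.isoformat()}")
    print("widespread:", looks_widespread(found))
```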
So, what’s the defense? Well, an “off switch”. “But no such thing exists”, we all say. Sure it does: Just by adjusting the BGP from short to long.
This is how to launch a cyberattack and protect one’s own country’s net from attack. Egypt did exactly that.
Impractical solution number two: Send BGP messages over a separate ‘shadownet’. Impractical because that would require a second Internet to be built. Another solution is to have 10% of operators monitoring the health of the Internet by alternative means, and that probably would prove difficult despite what was seen with the net disruptions caused by the Slammer Worm in 2003.
Source: Gizmodo