Wednesday, February 07, 2007

Internet's Backbone servers attack could be a terrorist test.

Zombie computers likely played a part in last night's major attack against key root servers which form the backbone of the internet. Users' computers are likely to have been taken over by hackers to create zombie networks or 'botnets', in order to bombard the internet's Domain Name System (DNS) servers with traffic. They note that while the computer owners may have been unaware that their PCs were compromised, had the attack been successful then all website access and email delivery would have been suspended globally. Theoretically these zombie computers could have brought the web to its knees, and while the resilience of the root servers should be commended, more needs to be done to tackle the root of the problem - the lax attitude of some users towards IT security. I see this problem more and more coming up in the SMB market where there is less security awareness: A problem I personally try to tackle with my lectures for the KMO-IT (see below this blog) these days. Everybody is almost totally reliant on the internet for day-to-day communication - it's ironic that the people who depend on the web may have been the ones whose computers were secretly trying to bring it down.
Root servers, which manage the internet's Domain Name System are essentially acting as an address book for the internet. UltraDNS, which manages traffic for websites ending with the suffix .org and .info, confirmed that it had witnessed an unusual increase in traffic. In all, three of the 13 servers at the top of the DNS hierarchy are said to have felt the impact of the attack, although none are thought to have stopped working entirely. Fortunately the system is designed to be extremely resilient to these kind of attacks, and the average man in the street won't have noticed any impact. Some reports have suggested that much of the attack traffic may have come from computers based in South Korea. However, the motivation for the attack remains unclear. It could be a test for a coming terrorist attack on the internet but it could be also something completely different. It's very difficult to say. Whatever the motives of the people responsible for this assault, everyone needs to properly defend their pc from being taken over by hackers and used for criminal purposes. According to reports, last night's incident was the most significant attack against the DNS backbone since October 2002. Try be aware and find out that your pc's are not under someone else's control. Use at least decent security software and hardware everywhere on your network and pc's.