According to the Washington Post, Amit Yoran describes the widespread DDOS attack against US Federal agencies as "loud and clumsy," suggesting it was carried out by an unsophisticated organization. This statement led to a simple question during a phone call with a network security analyst at a state agency: “If this was executed by amateurs, then why couldn’t the experts prevent it?” This is a great question that deserves an analogy:
Give 10,000 uneducated men a loaded weapon. No military experience is required. Point them at a target and have them squeeze the trigger. The attack will be suppressed, but not before there are casualties or loss of life. It doesn’t have to be pretty; you just need enough force.
It’s the same with DDOS. Substitute bots/zombies for the armed men and billions of packets aimed at Federal agencies for the bullets. Whether you flood your target with waves of armed soldiers or billions of UDP packets, it’s the same principle: defenses can only withstand a certain level of pressure. We’ve known for over a decade that the Internet’s Achilles’ heel is DOS/DDOS. But this vulnerability can only be exploited when sufficient force is applied.
If the goal of this month’s cyber attack was to temporarily disrupt the web presence of US Federal agencies, then amateurs or not, their mission was accomplished. Returning to the original question regarding experts preventing amateur attacks, let me offer a better question: What will happen when the “experts” launch an attack? Temporary disruption is just the tip of the iceberg.
Si