We all rely on computer networks to withdraw money, to make credit card purchases, to pay our bills and to use the Internet to shop, among other things. In addition, in many cities we access networks to enter and exit public transit systems, and in many suburbs we use transponders to access highways so that we can get to work. Many of us use VoIP technology, which relies on the Internet and its system of routers and switches, to make telephone calls. Now, imagine that our country was attacked and those networks were brought down. Without a drop of blood lost or a house flattened, it would look like a hurricane hit. Lines of people might form outside of banks waiting to get cash because banks’ ATMs were no longer working. Other lines would form outside of stores, as retailers would have to physically record purchases and manually deduct them from their inventory because their networks would be down. (This assumes that those stores would open.) Highways and public transit systems would be clogged as we would be forced to wait in line to hand over our tolls and fares to temporary and overtime employees who would deposit our coins and dollar bills into baskets and boxes. Many of our telephones would be dead.
Could such an attack happen? In Estonia, after the government moved a bronze statue of a Soviet soldier from a park in its capital, Tallinn, to a military graveyard last month, a swarm of junk messages brought down the e-mail server of the Estonian parliament and affected the web sites of that country’s President, Prime Minister and several of its newspapers. Then on May 9th, which was celebrated by Russians as Victory Day, both celebrating Russia’s victory over Nazi Germany and honoring its World War II war dead, traffic to Estonia spiked to thousands of times the normal flow, ultimately forcing Estonia’s biggest bank to shut down its online service temporarily. As of yesterday, that bank had to continue to block access to 300 suspect Internet addresses and had suffered losses of at least $1,000,000.
How was this done? By means of a distributed denial-of-service attack. Your first wave of attackers bombards a country’s web sites with data, clogging not only the country’s servers, but also the Internet’s routers and switches. Then reinforcements are brought in, infiltrating computers around the world with software known as bots and banding them together in networks to magnify the attack. As in conventional war, you test the enemy’s defenses first; in this case this was done by sending out a single huge burst of data to measure the capacity of the network. Once you’ve determined the enemy’s weaknesses, you then exploit its vulnerabilities by sending data from multiple sources, reaching the upper limits of the Internet’s routers and switches.
In this case, as many as a million computers may have been used in the attack on Estonia, sending out data streams that were the equivalent at one point of downloading the entire Windows XP operating system every six seconds for 10 hours.