Total Pageviews

The Internet Attack That Wasn\'t

For an hour this afternoon, the entire Internet came under attack. Or so it seemed.

Brian Krebs, a closely followed computer security blogger, reported on Twitter that he had received a tip that the servers that power the entire Internet were under attack. The well-regarded Mr. Krebs linked to an Internet Traffic Report that said nine out of 13 Doman Name System servers had been disabled in the largest denial of service ever reported - topping a 1997 incident in which a technical glitch disabled seven DNS root servers.

“At 1:45pm for about one hour an extremely large distributed denial-of-server (DDoS) attack took place. The target of the attack were the 13 DNS root servers, which are responsible for helping to resolving domain names to their respective IP's. Even though 9 of the 13 servers were disabled in the attack, the remaining were able to support the additional load without any widespead problems. Prior to this attack, the largest outage for the root registry was 7 machines in July of 1997, due to a technical problem.”

An attack on the Domain Name System would be devastating. The system converts people-friendly domain names like yahoo.com into the numeric addresses that computers use to route traffic. By attacking the root servers that power the system, attackers would crash the Internet's switchboard, making it impossible for people to reach Web sites.

Anonymous, the loose hacking collective, threatened to take down the DNS root servers in March - an effort that was unsuccessful but that prompted a multimillion-dollar global effort to beef up the DNS system, given the potential for devastation.

But this afternoon's report was a false alarm. And the unusual traffic directed at the DNS root servers was actually the Internet's version of a fire drill. The Internet Traffic Report Mr. Krebs linked to was actually from 2002.

According to people who work closely with the DNS system, who declined to be named because they were not authorized to speak, those who defend the Domain Name System underwent an exercise this week to simulate a denial of service attack on its root servers. The simulation was part of a regular exercise conducted every six months, to make sure the system can withstand large amounts of traffic in the event of attack.

The exercise was timed a little more than one week after Leon E. Panetta, the defense secretary, warned that the United States was vulnerable to “cyber-Pearl Harbor,” with foreign hackers determined to attack the nation's critical infrastructure, like its water supply and power plants.

As for Mr. Krebs, he later Tweeted that people should disregard his earlier message. “Some days I just want to unplug and play Halo,” Mr. Krebs wrote. “This is one of those days.”