Someone Is Learning How to Take Down the Internet (@schneierblog)
Bruce Schneier, “Someone Is Learning How to Take Down the Internet”:
One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.
Who would do this? It doesn’t seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It’s not normal for companies to do that. Furthermore, the size and scale of these probes – and especially their persistence – points to state actors. It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.
Who would do this, and who could do this? Most implications are China or Russia, and there are undoubtedly some other countries that are capable.
I wonder if cybersecurity will be discussed tonight at the first presidential debate, the topics of which include, “America’s Direction,” “Achieving Prosperity,” and “Securing America.”