Internet Ripe for Crash

Wednesday, February 16, 2011 @ 03:02 PM gHale

A new cyberweapon could take down the entire Internet, and no one can stop it if you believe the masterminds behind it.

The brains behind this digital weapon are Max Schuchard at the University of Minnesota in Minneapolis and his team. The goal of developing this plan is to suggest improvements to defend the Internet.

Schuchard’s attack pits the structure of the Internet against itself. Hundreds of connection points in the net fall offline every minute, but we don’t notice because the net routes around them. It can do this because the smaller networks that make up the Internet, known as autonomous systems, communicate with each other through routers. When a communication path changes, routers inform their neighbors through a system known as the border gateway protocol (BGP). These routers inform other neighbors in turn, eventually spreading knowledge of the new path throughout the Internet.

Schuchard presented his findings at the Network and Distributed System Security Symposium.

A previously discovered method of attack in the U.S. four years ago, called ZMW after its three creators Zhang, Mao and Wang, disrupts the connection between two routers by interfering with BGP to make it appear that the link is offline. Schuchard and colleagues worked out how to spread this disruption to the entire Internet and simulated its effects.

The attack requires a large botnet – a network of computers infected with software that allows them to be externally controlled. Schuchard said 250,000 machines would be enough to take down the Internet. Botnets often perform distributed denial-of-service (DDoS) attacks, which bring web servers down by overloading them with traffic, but this new line of attack is different.

“Normal DDoS is a hammer; this is more of a scalpel,” Schuchard said. “If you cut in the wrong places then the attack won’t work.”

An attacker deploying the Schuchard cyberweapon would send traffic between computers in their botnet to build a map of the paths between them. Then they would identify a link common to many different paths and launch a ZMW attack to bring it down. Neighboring routers would respond by sending out BGP updates to reroute traffic elsewhere.

A short time later, the two routers would reconnect and send out their own BGP updates, upon which attack traffic would start flowing in again, causing them to disconnect once more. This cycle would repeat, with the single breaking and reforming link sending out waves of BGP updates to every router on the Internet. Eventually each router in the world would be receiving more updates than it could handle – after 20 minutes of attacking, a queue requiring 100 minutes of processing would have built up.

While that scenario is unlikely, an alternative would be the nuclear option in a full-blown cyberwar – the last resort in retaliation to other forms of cyberattack.

Schuchard’s simulation showed existing fail-safes built into BGP do little to protect against his attack. One solution is to send BGP updates via a separate network from other data, but this is impractical as it would essentially involve building a shadow Internet.

Another is to alter the BGP system to assume that links never go down, but this change would have to cover at least 10 percent of all autonomous systems on the Internet, according to the researchers’ model, and would require network operators to monitor the health of connections in other ways. Schuchard said convincing enough independent operators to make the change could be difficult.

Leave a Reply

You must be logged in to post a comment.