Suddenly everyone has a cyberweapon; and they're big

Read this quick, before the Internet implodes!

Researchers who describe their technique in language that could put a wonk to sleep, and yet link to bios that show one of the ringleaders riding a giant fiberglass jackalope, debuted a cyberweapon that has the potential to destroy the Internet by using its most important routers gainst it.

In"Losing control of the internet: using the data plane to attack the control plane" researchers from the University of Minnesota describe a way to exploit the Border Gateway Protocol (BGP) that the Internet's core routers use to communicate with each other.

The routers use BGP to identify one another and the best routes along which to send data to one another. When one goes down, others send out BPS notifications to others can re-route traffic around the outage.

The paper describes a "cyberweapon" called a "Coordinated Cross Plane Session Termination (CXPST), technique that allows attackers to map the connection paths and choose those with the greatest potential for disruption.

Then they use a previously discovered technique called ZMW to break the connection.

That causes each router to send out notifications that the other is offline – notifications that ripple out to every router on the Internet, which reroute traffic to avoid the two "downed" routers.

After a break, the two original routers reconnect, send out updates saying they're fine, and traffic flows back to them.

When it does they break connection again, sending out another Internet-wide wave of notices.

This continues until every router on the Internet has such a long queue of bogus outage notifications that it can't catch up, and eventually goes offline.

The paper predicts it should take about 20 minutes, using a botnet of about 250,000 machines.

A botnet that size could be a threat to a single good-sized Web site; using this technique it could, theoretically, take down the whole Internet.

The guy riding the jackalope, by the way, also put in a link to this page, which shows the hype cycle of an inaccurate or misunderstood science story that hits the media and causes panic.

If the jackalope didn't do it, that at least shows he has a sense of humor, but that doesn't mean the threat isn't serious.

Following a scare in 2008, there's been a lot of attention to BGP attacks of various kinds and how to prevent them.

Luckily, with information this sensitive, no one's going to post the information in a place it could be used irresponsibly. Like in a 4Chan/Anonymous/hactivist newsgroup.

Which is a relief.

Because it balances out the news that Anonymous got itself a copy of the Stuxnet source code and, as we heard today, released it online.

Time to go stock up on all that quaint Amish stuff you saw in the museum that time, because that's all that's going to work after all the power and water systems crash, traffic systems get permanently snarled, nuclear power sites overload and the Internet goes away.

Best advice: before the apocalypse, watch a lot of Man v. Wild and develop a taste for grub.

Kevin Fogarty writes about enterprise IT for ITworld. Follow him on Twitter @KevinFogarty.

Morale boosters: 5 proven ways to motivate your IT team
View Comments
You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies