VeriSign: DoS attack could shut down internet

25 Sep 2007

Tom Espiner/ZDNet.co.uk

http://news.zdnet.co.uk/security/0,1000000189,39289635,00.htm



Denial-of-service attacks are growing faster than bandwidth is being added to the internet, according to VeriSign, the company that administers the .com domain.

Criminal groups selling services online are increasingly threatening the fabric of the internet, as the size of the compromised networks of computers they control increases, according to VeriSign.

The company claimed that a successful denial-of-service (DoS) attack against VeriSign could bring down the internet. "There are attacks attempting to shut down our servers," said Ken Silva, VeriSign's chief security officer. "This would effectively shut down the internet."

Thanks for admitting that too much power/control lies at VeriSign. This should push folks to move to a more decentralized Internet.

Silva said that although DoS attacks are difficult to trace, there are "a couple of well-known groups in Russia, China and Romania" that may be acting with their government's knowledge. "It would be hard to imagine groups who have this much activity going unnoticed by their governments," he said.

Yes, just like the US government is so hip to all the activity going on here in the states!

The chief security officer said that VeriSign "hoped to get smarter" in blocking malicious traffic. "We can continue to add bandwidth, but ultimately 20 years down the road, this can't continue as a footrace. The internet as a whole has to get smarter in denying DoS attacks."

VeriSign is currently upgrading its infrastructure in a scheme called Project Titan. This has included adding bandwidth, but it is also monitoring its systems more closely.

"Our monitoring systems now resemble those for the space shuttle," said Silva. "We monitor the capability of our CPUs and memory allocation on all of our servers. We're predicting what problems will occur rather than waiting for them to occur."

A spike in CPU/Memory usage would be a prediction of a problem?

Many public-sector organisations in the UK suffer from DoS attacks. The Probation Service has upgraded its servers in the past week to cope with the traffic created by botnets, according to a security manager for the Probation Service.

"We've had to upgrade our hardware in the last week to cope with an unexpected increase in the volume of malicious traffic at the network gateway," the security manager told ZDNet.co.uk. "Simply coping with that is compromising our ability to run our business. The problem is simply coping with what is coming at us."

Tim Pickett, a former technical security analyst at AOL, said that ISPs should monitor their networks to mitigate DoS attacks. "ISPs should be monitoring what's going through their networks," said Pickett. "More should be done to tackle the problem on the ISP side."


main page ATTRITION feedback