Someone Is Said to Be Attacking the Companies That Maintain the Internet. But Who?

By
Photo: Anya Berkut/Getty Images

Just in case you thought cyberwarfare was a worst-case scenario, a figment of your imagination that only science fiction could dream up, cybersecurity expert Bruce Schneier is here with an extremely sensational wakeup call.

In a piece titled, “Someone Is Learning How to Take Down the Internet,” Schneier describes unspecified reports from “companies that run critical pieces of the internet” about how distributed denial-of-service (DDoS) attacks against them are increasing. These DDoS are easy to explain: Simply bombard a target with enough traffic to overwhelm their bandwidth capabilities.

It gets more curious though.

Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.

In other words, some entity is not actually carrying out an attack on the core infrastructure of the internet, so much as they are doing a dry run. Still, that requires the unnamed companies under attack to put up a defense, showing their hand and displaying their capabilities.

Exactly who is behind these attacks is unclear. It might be one body, it might be multiple. What is clear is that it’s definitely not a small actor. “Profiling core infrastructure is common practice in espionage and intelligence gathering,” Schneier writes. “It’s not normal for companies to do that.” It’s also not normal for activists or small groups of hackers to do so.

Schneier’s best guess is that it’s China. The only organization that might be able to answer the question definitively is the NSA. And that’s probably not going to happen.