Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Root Server Attack Fizzles

    By
    Matt Hines
    -
    February 7, 2007
    Share
    Facebook
    Twitter
    Linkedin

      An attack, apparently intended to get the attention of the security community, failed in its attempt to bring down, or even slow down, the Internet, analysts say.

      According to the ICANN (Internet Corporation for Assigned Names and Numbers), the attack was aimed at one of its root servers—the top-level servers that translate requests for names into IP addresses so computers can retrieve the data on the Internet that users need.

      The attack, which took place early the morning of Feb. 6, was described as a distributed denial of service attack, and was apparently intended to so overwhelm the target servers that Internet users would be unable to resolve names, and therefore not be able to reach some Web sites.

      Unfortunately for the perpetrators, their efforts went largely unnoticed. In fact, at Verizon, which operates metropolitan area networks including MAE East and MAE West, was unaffected.

      A spokesperson said that the operators of those networks were unaware that the attacks had taken place until theyd read about them in the news.

      “It was a concerted attack,” said Paul Levins, vice president of corporate affairs for ICANN, speaking to eWEEK from Brussels, Belgium. “What it demonstrated was that the distributed nature of the Internet withstood it, and the average users would have barely noticed,” he said.

      Levins said that while there are a number of theories about where the attack came from or who might be responsible, he stressed that nothing is certain.

      “Were still analyzing the attack itself,” Levins said. He said that ICANN was analyzing the root server that it manages, but he also noted that the Internet community as a whole was diligent in its approach to handling the attack.

      “Theyre analyzing it based on fact rather than making early statements about what the motivations were or the targets were,” he said.

      Levins said that a few of the root servers were affected heavily, although he said that theres no indication yet that any were actually taken offline as a result of the attack.

      He said that because the root servers, as well as the staffs that run them, are highly distributed, the operators could work to mitigate the effects of the attack. “We learn from those experiences, which is a good thing,” Levins said.

      However, security experts said they were puzzled by the nature of the attack, and they had some ideas of their own as to the motivations, and origin of the attack.

      “I think that its quite strange that the bad guys used botnets to attack the Internet,” said Eugene Kaspersky, founder of The Kaspersky Lab in Moscow, Russia. “To develop such a botnet takes time and resources. Usually theyre developed to steal money. In this case the botnet was used to attack the Internet. I dont see the reason.”

      However, Kaspersky noted that despite the best efforts of the attackers, not much actually happened.

      “Its kind of Internet fireworks,” he said. “Its just a joke.” Kaspersky said that more details are needed, however, before the attack is really understood.

      Other analysts agree. Randy Abrams, director of technical education at anti-virus software company ESET said in a prepared statement that the impact on the Internet was minimal.

      “While the motivation for the attack is unknown, there are several plausible explanations,” he said.

      Abrams said they included mischief, diversion (so that something else can be attacked while the analysts are focusing on the root server attack), or for testing, so a bigger or better attack could be developed.

      However, David Moll, co-chairman of Webroot Software, said he thinks he knows whats up, and that he thinks its no coincidence that the attack happened when it did.

      “Its very clearly a coordinated and sophisticated attack on the largest infrastructure in the United States and globally,” Moll said. “We believe its a coordinated muscle-flex while the industry is meeting this week at RSA.”

      /zimages/6/28571.gifClick here to read more about security products expected at the RSA conference.

      Webroot CTO Gehard Eschelbeck expanded on the companys findings. “Theres been a clearly visible rise in botnets over the last couple of weeks,” he said. “We believe that was a clear sign of preparation for this attack.”

      Moll said that the company also thinks the location from which the attacks were launched has been found, based on what theyre finding from their human researchers and their automated threat detection network. He said it was a multi-pronged attack originating in South Korea.

      Webroot CEO Peter Watkins says he thinks this experience will help security researchers prepare for the next try.

      “We believe we can begin to establish predictive patterns in the use of botnets,” Watkins said, “and better predict these types of attacks when we see a malicious uptick in activity of the nature leading up to this type of attack.”

      “We should be able to throw up warning signs,” he said, but added, “We should also be better at coordinating with the government to share this kind of information.”

      Kaspersky said that while the attack on the root servers could have been serious, the Internet has other, more serious, pressures already.

      “There are bigger problems. There are more fresh worm attacks. There are better distributed attacks,” he said.

      “There is a low risk that the Internet can be damaged by such an attack,” he said, adding that it would be much worse if such an attack were aimed at a single provider.

      Kaspersky said that the Internet is designed to survive attacks that are vastly worse than a denial of service attack against a few servers. He noted that even huge natural disasters havent managed to bring down the Internet.

      “This demonstrates how well the Internet is built,” Levins said.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Matt Hines
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×