The Big One

A serious Internet attack will spread virally while destroying data and erasing hard disks everywhere at once.

Californians like to talk about the Big One: the disaster-of-the-century earthquake that will wreck the state. Its coming soon, they say. Well, so is the big attack that will shut down the Internet completely and destroy all computers—the online equivalent of the Big One. So far, all weve had are slight tremors.

The viruses and denial-of-service attacks weve seen so far are nuisances. They clog up e-mail systems or send inane messages. The most efficient attacks spread rapidly and then are eradicated by patches and updates to antivirus programs. But we havent yet seen an attack that delivers a serious payload both to the machines propagating the problem and to the Internet infrastructure.

To accomplish this would require using all available means to penetrate every machine and spread virally while destroying data and erasing hard drives everywhere at once. A disaster like this might finally make the community take some action. We already know that users will always do dumb things to trigger problems. But the computing environment itself encourages this, in many ways. Here are my concerns.

24/7 computing. I have failed to grasp the push by Microsoft and others for being online 24/7. Cable modem lash-ups are the most dangerous high-speed weapon in a DNS attack and are installed as always-on connections in the homes of the most naive users.