sebastian on Fri, 27 Jan 2017 16:33:10 +0100 (CET)


<nettime> Russia? China? It's bored kids you should fear, and Minecraft!

TL;DR: If this is already too long, forget it. But here's the bottom line: If 
you want to continue debating "foreign cyber-warfare targeting Western 
democracies" without looking like an utter clown, you should read the articles 
linked below. Specifically (3), which is the most illuminating piece of 
investigative journalism I have read online all month, and (4), because instead 
of perpetuating myths about technology, it documents how stuff actually works.

Most likely, you don't remember it, but some may recall that in September 2016, 
the Internet went down for an entire afternoon, leaving many of the most 
popular websites and social media platforms unreachable for hours. This was 
widely reported as an unprecedented cyber attack on the infrastructure of the 
United States. Bruce Schneier, usually regarded as one of the most respectable 
security researchers in the world, wrote in the wake of the incident:

"We don't know who is doing this, but it feels like a large nation state. China 
or Russia would be my first guesses. [...] It feels like a nation's military 
cybercommand trying to calibrate its weaponry in the case of cyberwar." (1)

Schneier made big waves again in November, when he testified in front of U.S. 
Congress. His declaration was widely quoted:

"It might be that the internet era of fun and games is over, because the 
internet is now dangerous." (2)

Meanwhile, Brian Krebs, another well-known security researcher, decided to do 
some proper research about the incident. Last week, he published his findings 
(3). Not only did he find out who was behind the attack, his account also 
dispels some of the most persistent myths about cyber-war on the Internet:

- Basically, the entire thing happened because he blocked someone on Skype.

- The target wasn't the United States, Silicon Valley or Western Democracy, but 

- The clandestine actors that command the largest denial-of-service attacks 
  that the Internet has ever seen are not foreign intelligence agencies, but
  a cottage industry of DDoS protection providers, a racket of small-time 
  extortionists: the Minecraft mafia. These are bored kids in college dorms in 
  the United States.

- A surprisingly effective measure to mitigate such a denial-of-service attack 
  (launched through hundreds of thousands of insecure "Internet of Things" 
  devices, like security cameras or toasters) is to call up an ISP upstream
  of the botnet's command-and-control center, and tell them to turn it off.

- The era of fun and games on the Internet is still very much on.

Below is an excerpt from a longer conversation between the perpetrator of last 
September's attacks and one of his targets (4):

[10:49:11 AM] katie.onis: i love the conspiracy guys thinking this is china or 
another country haha
[10:49:18 AM] live:anna-senpai: yea
[10:49:22 AM] live:anna-senpai: lol
[10:49:29 AM] katie.onis: can't deal with the fact the internet is so insecure
[10:49:31 AM] katie.onis: gotta make it sound hard
[10:49:34 AM] live:anna-senpai: the scheiner on security blog post
[10:49:40 AM] live:anna-senpai: "someone is learning how to take down the  
[10:49:47 AM] live:anna-senpai: lol

Last night, a friend reminded me that if you look at the pricing for such 
attacks -- and there is no reason to doubt the numbers quoted in Brian Krebs' 
research -- then renting a botnet and shutting down the Internet for an hour or 
two is astonishingly cheap. His idea was that this could become a fashionable 
way for nerds to propose to their fiancées: Hey darling, I wanted your full 
attention, so I turned off the Internet for a moment... 





#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  @nettime_bot tweets mail w/ sender unless #ANON is in Subject: