The Twitter micro-blogging service was knocked offline this morning for several hours as a result of a denial of service attack (DDoS). Twitter has confirmed and reported the attack in a post on its official blog earlier today: "We are defending against this [DDos] attack now and will continue to update our status blog as we continue to defend and later investigate." The company later reported that the service as been resumed but they are still continuing to defend against and recover from this attack. No further updates have been provided yet. more
As a follow up to Susan Brenner's Networks and Nationalization and my comment there, I will go further in this post and talk about the "cyberwar" and "offense" aspects of her article. I think I made this point elsewhere as well... but before getting into a war, it'd be a brilliant idea to actually know that you can win. Cyberwarfare is the sort of game where you don't really need to be a huge government with the largest standing army in the world and sophisticated weaponry in order to win... more
One summer sport in Internet governance is speculating on what direction ICANN's new CEO will take it in. Making the media rounds yesterday on Fox and Lehrer News Hour to talk about the recent DDoS attacks on US and S. Korea government and commercial websites, new CEO Rod Beckstrom pushed how the response to cyber attacks is a coordinated effort, he also alluded to ICANN's role in similar attacks. Responding to a question on the News Hour about the USG policy response to dealing with cyber attacks, Beckstrom highlighted the critical role of ISP filtering, and identified the "organic" as well as "somewhat structured" coordination which occurs during a typical response. More interestingly, he plugged ICANN's facilitating role. more
We've received enough interest about our previous notes on Iranian Internet connectivity that I wanted to give a brief update, and some reflections. In short: Iran is still on the Internet. As the crisis deepens, people are literally risking their lives by continuing to use the Internet for coordination and communication. more
In the midst of heavy demonstrations in the street of Iran against current regime and controversial election results, online activist have began organizing online attacks against government websites. Activists are asking supporters to use tools currently being spread via Twitter, Facebook, and other social networking sites to participate in the attack. However as one blogger writes, the attack might in fact back fire in a country like Iran where network infrastructure is relatively centralized... more
A few months ago, an article appeared on arstechnica.com asking the question "Should cybersecurity be managed from the White House?" During the recent presidential elections in the United States and the federal elections in Canada, the two major players in both parties had differing views that crossed borders. In the US, the McCain campaign tended to favor free market solutions to the problem of cybersecurity, and the Conservatives in Canada took a similar position... more
This past February, around 100 DNS industry experts met in Atlanta, GA for the "The Global DNS Security, Stability, & Resiliency Symposium." Organized by ICANN and hosted by Georgia Tech, this event was to strengthen personal relationships between operators and review what we know about the DNS infrastructure... The content included three breakout groups over two days: Enterprise Use of DNS, DNS in Resource Constrained Environments, and Combating Malicious Use of DNS... more
In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more
Network Solutions is having problems with "all" its name servers, according to their tech support and a recent post on North American Network Operators' Group (NANOG) mailing list indicates that it has been under very large-scale UDP/53 DDoS attack for the last 48 hour period. As a result, domain names hosted with Network Solutions' Worldnic have been affected. Network Solutions is one of the leading domain registrars and DNS hosting providers in the world, managing more than 7.6 million domain names. more
Well, at this point, the government is well on its way to bailing out Wall Street from its own incompetence, putting taxpayers on the hook for $700 billion. The worst part is that as Treasury Secretary Hank Paulson puts it, "You're worried about taxpayers being on the hook? Well, guess what? They're already on the hook!" I read that and said "Aw, crap..." Anyhow, Wall Street should maybe learn something from botnet operators. For you see, botnets are not just for sending spam anymore. The bots have diversified their holdings... more
Massive distributed denial of service (DDoS) attacks against ISPs and their customers have almost doubled over the past year, according to a new security report. Attacks on networks making them unavailable to intended users -- also known as distributed denial of service (DDoS) attacks -- exceeded 40 gigabits in the last year according to Arbor Networks' annual survey of ISPs from North America, South America, Europe and Asia. more
Few months ago in a talk given at the Institution of Engineering and Technology organised here in London by the Society for Computers and Law, Professor Lessig recounted a conversation he had with former US Counter Terrorism Czar Richard Clarke, where Larry asked the question that many had in mind... how the US Government managed to conceptualize, design and draft a piece of legislation as vast and complex as the USA PATRIOT Act in such a short period of time (a month and 15 days after 9/11), and the answer was what many people had imagined... more
In the last days, news and government web sites in Georgia suffered DDoS attacks. While these attacks seem to affect the Georgian Internet, it is still there... Up to the Estonian war, such attacks would be called "hacker enthusiast attacks" or "cyber terrorism" (of the weak sort). Nowadays any attack with a political nature seems to get the "information warfare" tag. When 300 Lithuanian web sites were defaced last month, "cyber war" was the buzzword. Running security for the Israeli government Internet operation and later the Israeli government CERT such attacks were routine... more
I was pointed to an article in the Armed Forces Journal where Col Charles W. Williamson III argues that the US Air Force needs to develop a BOTnet army as part of the US military capability for retaliatory strikes. The article brings up some interesting issues, the one that I believe carries the most weight is the argument that we (well, people living on the Internet) are seeing an arms race. It is true that more and more nations are looking into or developing various forms of offensive weapons systems for the use on the Internet... more
Every now and then I get emails from readers of my blog. I mostly reply to them in private, but I recently got one question where I thought my reply might be of general interest. I took the liberty of editing the question somewhat, but in essence it was: "If you have any insight you can share with my class on cyber warfare and security, I would be delighted on hearing it." In general, I think that it's an obvious conclusion that both offensive and defensive actions with regard to national telecommunications infrastructure is becoming an integral part of a nations security assessments.... more