Terrorists plan to "blow up" the internet

[draggar]

First and only warning: This is not meant to be a political discussion of who did or didn't do what or not. If you wish to discuss this, please ONLY post it in the political section. This discussion is to discuss WHAT would happen - facts (including educated and non-political speculation).

They said this "news bit" on the radio this morning and as absurd as it sounds, it got me thinking.

Terrorists aren't stupid (and this is why I'm posting it in the platinum section - so it doesn't get indexed). They have resources and can plan out attacks - and I don't think anyone would disagree that a successful massive attack on the internet itself would cause worldwide havoc. I'm not talking DOS attacks or viral attacks, I'm thinking something bigger.

There are some "critical" points in the internet. We've witnessed this recently when a few cables got cut in the Mediterranean sea - many areas had severely limited to no internet access until the issues were resolved.

What if terrorists decided to take out the VeriSign servers (the ones that host the main registry)? There are many ways they could do this - missile attack, crash a plane into it. What would happen? Are there backups or are the individual registry entries stored at the registrars?

What if they decide to take out some of the larger registrars? GoDaddy, Enom, NetSol?

Anyone have any ideas on this?

 

[Stian]

I don't think this is a large threat. Terrorists may cut cables and/or blow up huge servers, but it won't take long until they are up and running again. Such critical points have all kinds of security and they have backup plans and training in case of terrorist attacks/vandalism.

I am confident that they have a secure backup system (not a bunch of external drives stored next to the servers ) in case the entire server park is blown to pieces.

 

[draggar]

I have no doubt that these components have contingency plans and backups but how long would it take them to get them up and running? 15 minutes? A few hours? The longer the outage - the more damage (we saw what happened a few years ago when the whole northeast had no power for a day or so).

What if this happened at, say 12:00 noon EDT (09:00AM PDT) - this would be the busiest times, east coast is fully working and west coast is just starting to get online and working. Unless institutions had IP addresses on hand (would that help?) they wouldn't have access to anything outside of their own intranet.

While there are backups in place, sometimes you cannot completely plan for events. Hurricane Katrina taught the wireless carriers in the US how fragile their networks can be (most had major hubs in New Orleans).

 

[Stian]

I have no doubt that these components have contingency plans and backups but how long would it take them to get them up and running? 15 minutes? A few hours? The longer the outage - the more damage (we saw what happened a few years ago when the whole northeast had no power for a day or so).

What if this happened at, say 12:00 noon EDT (09:00AM PDT) - this would be the busiest times, east coast is fully working and west coast is just starting to get online and working. Unless institutions had IP addresses on hand (would that help?) they wouldn't have access to anything outside of their own intranet.

While there are backups in place, sometimes you cannot completely plan for events. Hurricane Katrina taught the wireless carriers in the US how fragile their networks can be (most had major hubs in New Orleans).

There will reign chaos the (hopefully short) period of downtime, yes. Basically, nothing will work. Air traffic, trains, all types of public transportation, credit card terminals etc. etc.

The internet is what keeps the whole world spinning and it is definitely the most vulnerable target of a terrorist attack.

 

[draggar]

OK, so here's the (very unlikely) scenario:

Terrorists seize control of several large aircraft (similar to 9/11). They decide to take out the main headquarters and wherever the main servers are for VeriSign, GoDaddy, Enon, NetSol, Moniker, PIR (they're for .org and .info, right?), 1&1, and maybe even Host Gator.

The "strikes" start at about 12:10PM EDT (9:00AM PDT) on a Monday morning. VeriSign and PIR are the first to be taken out, then the registrars and hosts.

No internet access for the vast majority of the internet (I'm sure those entities handle close to 90%-95% of the internet "work") that is granted your ISP is still up and you're not flooded with traffic. No VoIP system works, maybe only in the same building. Cel phones would have extremely limited capabilities (luckily most voice calls SHOULD still work). No access to banks, news, or whatever, maybe even some TV services suffer.

How long do you think they could be back up and running? (Maybe we'll hear from some people who work for these companies?).

What if they cut back and only took out VeriSign?

Again, this scenareo is HIGHLY UNLIKELY considering the size this would have to be and the resources needed plus the security in place to prevent things like this.

 

[firetown]

I would predict a multi government emergency unit taking over and a New Internet Order being forced upon everyone. Once restored, internet life as we know it would change in an instance. If planned properly, the effect of a terrorist plot could create a monumental shift of wealth being transfered and give government officials an excuse to take away our freedoms after that, which as some may say could become a lot scarier and create more issues when continuing business once some sort of restoration has taken place.

Mike Dammann

 

[PRED]

well, firstly interesting discussion.
when 911 happened, they assumed all data would be lost on the servers, they werent counting on some top level firms, particularly in germany that were able to salvage large amounts of data, which amongst other things detected mass insider trading minutes before the crash ahppened, thats another story, and data retrieval like this cant be done quick.
i would imagine large data services and hosting companies have remote backups?

also the one way to take down the net i guess is to take down the root servers, but that wouldnt be easy.
http://en.wikipedia.org/wiki/Root_nameserver

im guessing they would orchestrate mass dos attacks on a scale never seen before?

 

[Gerry]

This is not new news, imo.

The globe works on the internet. 9-11 showed that. Yes, it crippled the financial market for more than a week. But think about it...the world literally came to a halt.

The resulting crippling effect of our and the world's economy was huge. The terrorists immediately recognized that the way to cripple America is to hit their financial markets by hitting their interconnectivity (internet).

One can not go without the other. The entire global markets are open 24/7. Remember when trading used to be stopped at 4 pm, on a Friday, and did not resume until Monday morning at 9am? If you are in your 20's or 30's you would most likely have to see an older movie as how it used to be done. Then came day trading, aftermarket trading, and around the clock trading by tapping into global markets.

The terrorists could care less about Verisign, GoDaddy, Enom. They care about the internet in general. Any attack on the root servers is viewed as an act of War, according to US policy. Root servers are the main issue and target. Taking them out would be the goal.

On another note, look to China to break away from ICANN and the rest of the world by developing their own internet and placing their root servers on Chinese soil. Anyone who has been following China in recent history should know that they have used every disaster (manmade or natural) as an opportunity to be critical of ICANN and how China is at the mercy of others to ensure it stays connected.

 

[PRED]

Russia is looking to do same Doc, and out of every country, they will be the first. I'm amazed they havent broken away before

 

[Gerry]

Russia is looking to do same Doc, and out of every country, they will be the first. I'm amazed they havent broken away before

I am aware of this.

They have become quite vocal about it lately, within the past year or so.

But China has been playing the blame game for quite sometime. We're talking about DDoS attacks, an undersea cable being cut by a submarine, earthquakes in Japan and Indonesia disrupting service, and other activity.

Terrorism is a great concern for anyone involved in IT security.

I am not sure how this is going to play out. Clearly, ICANN has outlived its usefullness (uselessness?). As devastating as a dirty bomb or biological attack would be, and attack that brings global commerce to a halt would be the dream. And be assured, those in positions of security know this.

 

[DomainFatigue]

What then - rely on NSA backup files?