Anonymous Probably Won’t Shut Down the Internet This Weekend
by 5
Twitter handles associated with Anonymous are suggesting that “Operation Blackout,” a rumored attempt to shut down the Internet scheduled for March 31, was never an officially sanctioned plan.Operation Blackout calls for a highly-focused Distributed Denial of Service (DDoS) attack on what it said are the Internet’s 13 root Domain Name System (DNS) servers. It was announced in February as a protest against SOPA, Wall Street and “our irresponsible leaders and the beloved bankers who are starving the world.”
The release suggested such an attack would temporarily disable the DNS system, which turns a web address such as “www.mashable.com” into an IP address that directs a user’s browser to the proper server. That’s not exactly the same as taking down the entire Internet, but Anonymous said that didn’t matter.
“Anybody entering ‘http://www.google.com’ or ANY other url, will get an error page, thus, they will think the Internet is down, which is, close enough,” reads the release. “Remember, this is a protest, we are not trying to ‘kill’ the Internet, we are only temporarily shutting it down where it hurts the most.”
As the weekend drew nearer, Twitter accounts associated with Anonymous denied such an attack was on the horizon.
The account also argued that such an attack would be self-defeating. If Anonymous shut down the web, it would be removing the forum the group uses to express its political and ideological grievances.
Even though this account is backing off “Operation Blackout,” Anonymous prides itself on its leaderless structure — so an operation may be carried out by a small handful of members in the group’s name. However, even if Anonymous (or part of Anonymous) attempted such an attack, many cybersecurity experts doubt it would be successful.
“It’s not even technically feasible,” says Dave Marcus, director of security research at McAfee Labs. According to Marcus, the DNS system has a great deal of redundancy, security and load-balancing measures in place.
“That doesn’t mean if they tried, there wouldn’t be odd consequences with routers and other things like that,” says Marcus. “But they’re not going to be able to knock the DNS servers offline. The thing that would worry me is what would happen to traffic along the way. Let’s say you can’t get to an exit on expressway that you want to get to, and everyone else is trying to get there as well. It creates odd routing problems and unintended consequences.”
Marcus added that Anonymous would need tens of thousands of connections (or botnets) to even attempt such an attack, a number likely to be beyond their capabilities.
Matthew Prince, CEO of CloudFare, pointed out that the idea of DNS relying on only 13 servers is a fallacy.
“There are hundreds of other servers scattered across multiple locations,” says Prince. “Those servers are regularly under attack, they’ve sustained fairly massive attacks launched against them and they are run fully redundantly. I think the likelihood anyone could knock the root server system offline is extremely low.”
Prince added that Anonymous once unsuccessfully tried to take down Amazon — and if Amazon could withstand an attack, the DNS system certainly could. If need be, says Prince, outside organizations like his would “step up” to host backup DNS servers.
“I think you would see other organizations stepping up to add additional resources to mitigate an attack,” says Prince. “There are more good guys on the Internet than bad guys — and we’d bind together fairly quickly to ensure the Internet continued to run.”
