Report this to a moderator?
This will report to a moderator for action.
OUTSIDE THE BOX: Pulsing Zombies, a Head-Banging Event?
By Shelley Souza, Optionetics.com |
Wed June 6, 2001 11:30AM PT
Cracking (which is the proper term for malicious computer hacking) is so easy, relatively speaking, that they aren’t failed brain surgeons who are attacking the Internet—attacks that security experts estimate will become increasingly worse as crackers make their original programs more sophisticated. Almost anyone with a computer, a little bit of computer knowledge and a desire to create damage can crack into most networks using basic programs that are readily available, for free, over the Internet.
Asta Networks is a private company that has been monitoring the 2nd Generation Internet, the Internet2 Abiline backbone. Using high-speed fiber optic technology, the backbone is an experimental connection of 180 universities across the country. The company’s technicians have identified three types of denial of services attacks.
According to Asta, the latest type of distributed denial of services [DoS] are “pulsing zombies” that eat the brains out of your computer while slamming their guitars around a concert stage. Well, not entirely… but close. Pulsing zombies attack a network in sharp bursts (like bad-sounding punk rock to the unprotected ear). In that respect, they are different from regular DoS attacks, which assault a system with a steady stream of garbage, causing the network to overload and rendering it incapable of performing regular services for legitimate users. In a regular DoS attack, the stream of traffic can be traced in much the same way as tracing a telephone call. But with pulsing zombie DoS attacks, tracing their origin is much more difficult because the attacks are orchestrated to perform more randomly.
“Zombies” are what computer security experts call machines on unprotected networks that crackers manage to take over with “daemons” that they then use to operate the computer by remote control. These machines become like the “living dead,” wreaking havoc for their manipulative “masters” and sucking and the life out of networks.
The third type of attack is known as degradation of services. In some respects, this type of attack is more lethal over the long run. Unlike traditional DoS programs that rapidly fling garbage at a network, inundating the system with requests it cannot understand, degradation of services attacks start out by increasing data sent to a system that appear to be normal requests and gradually increase the data until the system is overloaded. Like a slow-leaking tire that one day causes a terrible accident, degradation of services slowly degrades the quality of a network. In addition, extra requests force networks to deploy more bandwidth. Most companies pay for bandwidth per user request, so sending bogus requests that appear to be real tricks companies into incurring hidden costs until a great deal of damage has been inflicted, not only on their network but also on their check book.
Asta technicians say that crackers are now beginning to fine-tune their attacks, often launching a “DoS Dress Rehearsal,” where a network is attacked for a day or so and then severely hit at a later date. According to the Yankee Group, an independent Internet research company, DoS attacks cost American businesses $1.2 billion in 2000.
I have no idea how this information can help us as traders yet, but it points to the importance of the right type of security being implemented on the Web. The construction of Internet2 is being supported by the services of IBM (IBM), Global Crossing (GX), AT&T (T), and a host of other industry leaders, as well as government agencies and universities. What they learn about cracking now will allow them to prepare for some of the more immediate attacks. But as the backbone becomes more sophisticated, so will its attackers. We should not for a moment fool ourselves into believing we will ever get the better of malice aforethought. Crackers may turn out to be, after all, failed brain surgeons who decide to break backbones instead of skulls.
Senior Writer & Trading Strategist
Optionetics.com ~ Your Options Education Site
Visit Shelley Souza’s Forum
Recent articles by
Shelley Souza, Optionetics.com
Commenting not available for this article