The Cyber-Attack that Threatens to Destroy 50% of the Internet by the End of 2013
“The plague of open DNS recursors is not one which may be solved with force, nor is it one which knows to restrain its own.”
I’ve been consulting full-time with Spamhaus (German for “Spam House”) since November 2012, and have kept in close contact with my childhood friend Kyle Johnson since he started full-time as a reliability engineer over at CloudFlare; as a result, I am in a unique position to understand and dissect the onslaught facing these two critical entities.
Given my unique perspective, and staring through the shining lens of my superior insight, it is strikingly evident to me that the present situation is grave indeed. As you are most likely aware by this time, Anonymous and al-Qaeda (“AaQ”) have jointly orchestrated the most devastating act of war in modern history, having planned every move to the last detail throughout the prior six years.
Beginning on the 19th of March, AaQ shook the Earth with the first wave of their attack, reported at the time as the single largest distributed denial-of-service attack in history; this move single-handedly blocked Internet access to 100% of Eastern Europe for all of three days. Not one day later, the AaQ core cyber-ops team discovered and exploited a zero-day root exploit in critical Pentagon infrastructure, easily attaining secure shell access (“SSHA”, in hacker parlance); AaQ proceeded to remotely launch an unmanned aerial vehicle (“UAV”, commonly referred to as a “drone” by the uninformed) directly into Boost Mobile’s Washington, D.C. headquarters, brutally slaughtering nearly ten people and in a flash obliterating telecommunications for over 37% of the population of the United States.
In a project spearheaded by my buddy Kyle, the Internet backbone megalith CloudFlare jumped on the case. By end of business (“EoB”) the day following the AaQ Spamhaus DDoS, the attack had been nullified and core networking infrastructure was slowly restored to the world within 48 hours. That record-breaking attack had only been the beginning, however; one week later, the AaQ network traffic was routed through a 50,000-node DNS reflection manoeuvre, amplifying the attack by a factor of 100 and forcing the United Nations to provide CloudFlare with a €1 billion bailout. By quickly ramping up its global infrastructure, CloudFlare once again rose to the challenge and shielded humanity from the coming darkness.
In my position, I can only ask: for how long will this be practical? How many of my personal tax euros will be thrown away in this war of attrition? I weep for the children of my generation.
AaQ spokeswoman Emily McAdams has released the details of their next stage of attack. According to Emily, the global botnet cluster operated by AaQ will trigger a DMA-III conflict between its local CPU caches and the CloudFlare IP-based power supply matrix, which could very well short the motherboards of every single machine in international DNS infrastructure. As a result, without adequate countermeasures, the next (and possibly final) move by AaQ could quite literally leverage every individual Internet-connected computer on Earth (or at least a sizeable portion thereof) as a bomb – executing millions of Americans in cold blood.
In short, with Kyle having begun his month-long vacation EoB yesterday, CloudFlare will be helpless to stand up against this army of hackers. The fate of the cyber world hangs in the balance.