UNIDENTIFIED hackers are carrying out attacks to discover how to disable the internet, a top security expert has warned.
Security guru Bruce Schneier said in a recent blogpost that “precisely calibrated” attacks on critical internet firms had been seen for over a year.
The attackers were looking for weaknesses in the defences of organisations overseeing crucial parts of the net.
The security export said his “first guess” was that either China or Russia were responsible for the strikes.
Responding to the comments, one security firm said the range of attacks Schneier spoke of was “the new normal” for many internet organisations.
The hackers typically sought to knock a site offline, using well-known distributed denial of service (DDoS) attacks to probe defences by overwhelming the target with data. The technique is often used by extortionists who threaten to cripple a site via DDoS unless its owners pay a fee.
But Mr Schneier said the DDoS attacks observed against core net firms were on a different scale. To begin with they were “significantly larger” and lasted longer than most such attacks.
The attacks were also more sophisticated because the amount of data being directed at victims was slowly turned up. Frequently the peak data rate of one series of attacks would be the starting point for the next wave.
The attackers also sought to find out what digital defences firms could muster by employing several different types of DDoS attack. Other attacks on the net’s addressing system had also been seen that, together with the DDoS probes, revealed a worrying pattern.
“Someone is extensively testing the core defensive capabilities of the companies that provide critical internet services,” Schneier wrote.
Mr Schneier did not say which companies had been suffered these attacks as victims had shared information with him under a guarantee of anonymity.
Net giant Verisign lent weight to Mr Schneier’s conclusions when it released information it had gathered on DDoS attacks, saying it had seen DDoS attacks become “more frequent, persistent and complex”.
But other firms were quick to add that while DDoS attacks had been growing in frequency, volume and sophistication for many years, they were kicked off by many different actors around the world. These included nation-state actors, some groups affiliated with governments at arm’s length, non-state ideological actors, and commercially driven criminals.