SERIOUS ATTACK ON ROOT DNS NODES

February 7th, 2007

Two days ago, in a comment on the Zbigniew Brzezinski Before the Senate Foreign Relations Committee story, I wrote the following:

This thing is collapsing for multiple reasons, and all at once… I’ve thought along these lines as well, especially re: a strategic, false flag takedown of the Internet mainly to blame “the terrorists” for economic collapse, and to wipe away evidence of past crimes. Don’t ask me how “the terrorists” would manage to destroy redundant backup and data systems… But “the terrorists” are a crafty lot. Like Satan, et al. * sigh *

The way to think about it is: What would kill the most birds with the fewest stones? That’s why I thought “the terrorists” will finally focus on the undefended infrastructures that make the Internet possible:

1) End the criticism of the regime.
2) Cut off people like us from real information.
3) Cut off people like us from communicating with each other.
4) People, rendered helpless, jobless, Walmartless, etc, would beg for the government to save them.
5) Anyone who dares speak out against the government would probably be killed by a mob of troglodytes.
6) Oh yeah, the theft of trillions of dollars? What are these trillions of dollars you speak of, Senator? Who? Where?

LOOK OUT! THE TERRORISTS ARE COMING BACK TO FINISH US OFF!!!!

That’s one possible scenario, anyway.

I don’t think that it’s possible to know which trick is going to be pulled with any precision. But they’re going to have to try to fit ten pounds of shit into a five pound bag, and soon. The question is how to blame “the terrorists” for the crash without the thing leading to nuclear war. I’m guessing that this Brzezinski thing is like saying, “Don’t do it ‘that’ way. Go back to the drawing board. We don’t want it to play out like ‘that.’” Iraq is clearly out of control. Add Iran to the mix? I don’t see how they maintain any level of control (militarily, politically, economically, take your pick) with an order of magnitude increase in the chaos on the ground. I think this crossed Brzezinski’s mind, and the minds of his handlers.

Today’s operation against the root DNS systems may have been more reconnaissance than attack. I don’t want to discuss this in too much detail (offensive information warfare is a matter that governments take extremely seriously – discussing too many details could result in a visit from the authorities), but the people behind this probably now have a better picture of the countermeasures and backup systems that are in place. This information would help make an attack on undefended physical assets much more devastating.

If my Magic 8 Ball is correct about a strategic, false flag attack on the Internet… well, as usual, I just hope I’m wrong.

Via: AP / Wired:

Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002.

Experts said the unusually powerful attacks lasted as long as 12 hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet. Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet’s most vital pipelines.

The Homeland Security Department confirmed it was monitoring what it called “anomalous” Internet traffic.

“There is no credible intelligence to suggest an imminent threat to the homeland or our computing systems at this time,” the department said in a statement.

The motive for the attacks was unclear, said Duane Wessels, a researcher at the Cooperative Association for Internet Data Analysis at the San Diego Supercomputing Center. “Maybe to show off or just be disruptive; it doesn’t seem to be extortion or anything like that,” Wessels said.

Other experts said the hackers appeared to disguise their origin, but vast amounts of rogue data in the attacks were traced to South Korea.

The attacks appeared to target UltraDNS, the company that operates servers managing traffic for Web sites ending in “org” and some other suffixes, experts said. Officials with NeuStar Inc., which owns UltraDNS, confirmed only that it had observed an unusual increase in traffic.

Among the targeted “root” servers that manage global Internet traffic were ones operated by the Defense Department and the Internet’s primary oversight body.

“There was what appears to be some form of attack during the night hours here in California and into the morning,” said John Crain, chief technical officer for the Internet Corporation for Assigned Names and Numbers. He said the attack was continuing and so was the hunt for its origin.

“I don’t think anybody has the full picture,” Crain said. “We’re looking at the data.”

Crain said Tuesday’s attack was less serious than attacks against the same 13 “root” servers in October 2002 because technology innovations in recent years have increasingly distributed their workloads to other computers around the globe.

Related: U.S. Plans to ‘Fight the Net’

9 Responses to “SERIOUS ATTACK ON ROOT DNS NODES”

  1. smith says:

    Related link from the Internet Storm Center
    http://isc.sans.org/diary.html?storyid=2184

  2. David says:

    Damn good call Kevin; I don’t think Their Agents would be shock testing if they didn’t plan to attack in the not-so-distant future.

    But here’s what I can’t figure out: the logic or timing of the many-fronted collapses…I’m going to take a shot at it:

    First, I will assume these varied collapses ABSOLUTELY WILL NOT occur simultaneously; the disorder would be uncontrollable.

    A. Chrono Logic of Collapses:

    1. Public IT System Collapse; Private IT System Secretly Remains Active (I know nothing about IT systems/networks, but I understand behavior, energy and systems; I assume private IT systems/networks exist that would allow Them to keep communicating while Their Agents are destroying public IT systems/networks and/or their infrastructure. Is this true?? If not, how will they maintain the short-term information flows necessary to allow them to allocate resources during these collapses in a manner that will lead to more control over larger and larger amounts of resources in the medium to long term??) leading to a
    2. Financial System Collapse followed by an
    3. Economic System Collapse, first national, then international, leading to a
    4. Political System Collapse, again, national first, then international (Old political systems will be immediately replaced with New, Dictatorial systems),
    5. Current and Very-Near Future Military Posturing/Engagements (Iran) begat an international military engagement (WWIII); after The Final War, we’ll experience
    6. Health and Environmental System Collapses, taking the form of synthetic, human-engineered natural disasters and plagues.

    B. Very Speculative Collapse Time Frame (This is where it gets good!): Major collapses should begin no earlier than Jan. 1, 2008, with virus plagues to begin no later than May 2009; here’s my scant evidence:

    1. http://www.dod.mil/comptroller/defbudget/fy2008/budget_justification/pdfs/procurement/Vol_1_Miscl/DISA.pdf

    Title: DEFENSE INFORMATION SYSTEMS AGENCY (DISA) FY 2008-2009 Budget Estimates (See page 48 [Crisis Management System]; It’s pretty self-explanatory and very revelatory!).

    Also See: http://www.fcw.com/article97585-02-06-07-Web

    2. http://travel.state.gov/travel/cbpmc/cbpmc_2225.html

    Title: Frequently Asked Questions about the New Travel Document Requirements (FAQs)

    “The Western Hemisphere Travel Initiative (WHTI) will require all travelers to and from Canada, Mexico.…It is anticipated that on January 1, 2008, U.S. citizens traveling between the U.S. and Canada, Mexico, Central and South America, the Caribbean, and Bermuda by land or sea….”

    The plebes will not be allowed to exit the Homeland.

    3. http://www.washingtonpost.com/wp-dyn/content/article/2007/02/03/AR2007020301120_pf.html

    Title: In Drill, CDC Practices For Influenza Pandemic

    I seriously doubt a CDC exercise of this magnitude would not be followed by an attack within 2 years.

    4. http://www.bloomberg.com/apps/news?pid=20601109&sid=a_exlgAKUAY8&refer=exclusive

    Title: Pimco’s Hurricane Yields Drive Wall Street Into Insurance Bonds

    “Swiss Reinsurance Co., the world’s largest reinsurer, estimates the market for insurance-linked securities, which includes everything from Triple-X and bird flu bonds to so-called sidecars, will grow to $350 billion in a decade after more than quadrupling to $27 billion in the past five years….”

    Please critique!

  3. PeakEngineer says:

    Naturally, I had heard nothing about the attack before reading it here (funny – I posted a rant about this sort of thing just today). I have to say, that’s pretty strong evidence for your theory — one more piece of a very big puzzle.

  4. tsoldrin says:

    I would be seriously surprised if the root name servers had not been compromised long ago and perhaps this will expose that (or perhaps not). They have been vulnerable since the late 80’s. It is the ultimate hack after all. Control of those machines would allow you to re-route any traffic through a snooping gateway and snarf any and all packets.

  5. Eileen says:

    Sorry Kevin, I posted my previous comment before I read your whole post above.
    I was unable to access my credit union on line yesterday (now I know why).
    Made me realize how very vulnerable and fragile an electronic life can be. Perhaps there exists a Shallow Hal, doo-doo nerdgeek – fed or contractor – getting some of those billions from Iraq to bring the whole thing down. Howz that big fat pizza boyz? Pop that zit!!! FUN!
    I learned today that it is “the LAW” that every federal agency have a Continuity of Operations plan (since 9/11 and Hurricane Katrina). I am inspired to suggest you write a protocol and/or manual for what we should do to ensure The Continuity of Operations for the Internet should such a false flag attack occur. Actually that would be a crisis manual. Write it in a codebook for those who contribute to Cryptogon and Farmlet so that we can say ( to each other electronically) after each bullet below, they tried, but them suckers but did not:

    1) End the criticism of the regime.
    2) Cut off people like us from real information.
    3) Cut off people like us from communicating with each other.
    4) People, rendered helpless, jobless, Walmartless, etc, would beg for the government to save them.
    5) Anyone who dares speak out against the government would probably be killed by a mob of troglodytes.
    6) Oh yeah, the theft of trillions of dollars? What are these trillions of dollars you speak of, Senator? Who? Where?
    IMPEACH CHENEY FIRST-

    One last point, continuity of operations in the U.S. fed ranges from code 1 to 4.
    Code 1 = 2 hours to bring it on at a new location; Code 4= you’ve got 12 hours.

  6. […] if I could find any indication of the military response to the events of a couple of days ago, re: the operations involving the root DNS nodes. There is, without a doubt, a military response. Of course, who actually did the thing vs. who gets […]

  7. […] as Cryptogon points out, the Net could be taken down completely.  That’s bad news for everyone, […]

  8. blahblahblah says:

    I disagree. The terrorists don’t attack IT or don’t successfully attack IT because they are stupid. Legally, philosophically and morally they’re stuck in the Dark Ages, at best around about where England was in the 15th century AD.

    Some of them might have script kiddies who point shitty Ping O’Death attacks at Israel, but that’s about it. Their use of Internet is mostly for propaganda purposes, everything is all symbolic and stuff. They see technology in a completely different way to us; for example one of the rumours going around among Iraqi civilians is that US bases are protected by invisible force fields.

    We’re like HG Wells martians to them; the most they can hope to do is co-opt our technology, not aggressively destroy it. They’d have to be too much like us to do that.

    Good essay though! Have you ever read any Debord?
    He wrote something with similar implications waaay back in 1988 – the cold war is over, the spooks, terrorists and gangsters are now running the planet:

    http://www.notbored.org/commentaires.html

  9. […] paying attention to the fallout from the incident involving the root DNS nodes. In the course of following that story, I came across the Strong Angel III operation, which […]
