Beware the denial-of-service sharks
"e-terrorism \e-ter-er-i-zem\ n (2000) : 1. the systematic use of terror within the electronic marketplace esp. as a means of coercion, 2. the disruption of electronic commerce and communications systems for the purpose of destabilizing the market, 3. the next big wave of sound bites regarding the Internet."
After a week of extremely public – and effective – terrorist activities across the Internet, people everywhere are scratching their heads and wondering how it could have happened and how they can protect themselves from it in the future. Unfortunately, the answer, at least in the short term, may be: not much. Ironically, this is because the denial-of-service (DoS) attacks were so simple in their implementation.
Unfortunately, the effect of DoS as an e-terrorism mechanism can be quite costly. These attacks have cost a handful of companies millions of dollars – a costly price to learn just how vulnerable our precious Internet is.
Naturally, whenever there's blood in the water, the sharks come calling. In this case, they're vendors claiming to have The Answer to DoS attacks and other security holes. But the biggest shark of all - the government - is not far behind. Be very wary. Aside from building bigger capacity sites, there is not much anybody can do to stop a group (or an individual) from flooding the Internet with packets (some ISPs reported that the DoS attacks on certain Web sites were so intense that they actually saw a slow-down in their own overall network performance).
Sorry, you probably didn’t want to hear it. But it is the truth. So if your firm relies upon the Internet for communications, don’t forget to have that "bypass" backup link. And if you access information on the Internet, don’t ever think that it will be available 24 hours a day.
Right about now, there are a lot of rumors and conspiracy theories about who's responsible. Some of the better ones I’ve heard involve the Russian Mafia trying to extort money from US businesses, 12-year old kids with too much time on their hands and the US government itself trying to justify a crackdown on Internet activities (coupled with a new wave of government/privacy regulations designed to give "big brother" more control of the 'Net).
It’s this last theory that scares me the most. Not because the government has really figured out how to crash eBay, but because it likely will use this latest wave of e-terrorism to crack down on otherwise legitimate 'Net activities and discourse.
I'm not saying the government shouldn't try to find - and punish - whoever's behind last week's attacks and similar ones we're bound to see in the future. The Internet has become too important an economic resource to let these attacks go unpunished. But you need only to look at government excesses in the 1960s and 1970s to realize how quickly government power can be turned against people exercising their constitutional rights. I’m not willing to give up personal freedom on the 'Net to try and fix a problem that in all likelyhood can’t be fixed anytime soon.
RELATED LINKS
The Keeping Current archive
Past columns.
Forum: Are hackers the only ones to blame?
Online Editor Adam Gaffin wonders whether the sites from which last week's attacks were launched shouldn't be held accountable as well.
Research: Denial of Service
Links to additional DoS resources: articles, papers and downloadable software.
