Sunday, September 18, 2016

Someone is learning & practicing how to take down the Internet

This is serious and genuinely alarming.

NOTE: The suggestion that Russia or China is behind this is simply 
absurd. The claims that Russia has been missing with our voting 
procedures are completely rubbish. They use that to justify DHS
taking over the 2016 presidential election to guarantee that Hillary
--dead or alive!--will be the victor. But that efforts are being exerted 
to learn how to take down the internet does not surprise me at all.
like Hillary's doubles. Russia and China, unlike our government,
have no problems with the American people learning the truth.

Bruce Schneider is an expert in cyber-security, the Chief Technology Officer of Resilient, an IBM Company, a fellow at Harvard’s Berkman Center, and a board member of Electronic Frontier Foundation — an organization defending our rights in the digital world.

In a blog post, Schneider sounds the alarm that in the past year, the websites of major companies that provide the Internet’s basic services repeatedly have been attacked, each time more sophisticated than the last, which suggests “someone” is practicing how to take down the Internet by learning from the companies’ defensive moves.
Below is Bruce Schneider’s blog post of Sept. 13, 2016, “Someone is Learning How to Take Down the Internet“:
Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses 
First, a little background. If you want to take a network off the Internet, 
the easiest way to do it is with a distributed denial-of-service attack (DDoS). Like the name says, this is an attack designed to prevent legitimate users from getting to the site. There are subtleties, but basically it means blasting so much data at the site that it’s overwhelmed. These attacks are not new: hackers do this to sites they don’t like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it’s a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins. 
Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure. 
The attacks are also configured in such a way as to see what the company’s total defenses are.There are many different ways to launch a DDoS attack. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they’ve got to defend themselves. They can’t hold anything back. They’re forced to demonstrate their defense capabilities for the attacker. 
I am unable to give details, because these companies spoke with me under condition of anonymity. But this all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there’s a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes a DDoS trends report. While its publication doesn’t have the level of detail I heard from the companies I spoke with, the trends are the same: “in Q2 2016, attacks continued to become more frequent, persistent, and complex.” 
There’s more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services. 
Who would do this? It doesn’t seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It’s not normal for companies to do that. Furthermore, the size and scale of these probes — and especially their persistence — points to state actors. It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities. 
What can we do about this? Nothing, really. We don’t know where the attacks come from. The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it’s possible to disguise the country of origin for these sorts of attacks. The NSA, which has more surveillance in the Internet backbone than everyone else combined, probably has a better idea, but unless the US decides to make an international incident over this, we won’t see any attribution. 
But this is happening. And people should know.
A reader of Schneider’s blog-post, Random Guy 17, wrote this interesting comment:
“An attack on a service is best done by an attacker that doesn’t need that service. You don’t pull the plug on the power company that supplies your own home/business.
With that in mind, a closed, not highly Internet enabled country makes the most sense- like China.”
Other commenters warn that it may be the U.S. government, e.g., the NSA, doing the attacks — to find the Internet’s weaknesses (in order to better defend it), or more malevolently, as bargaining chip for more money allocated to cyber-security.
It doesn’t help that in two weeks, on October 1, control of the Internet — specifically, the Internet Corporation for Assigned Names and Numbers (ICANN) — will pass from U.S. administration to a multilateral body, most likely the United Nations International Telecommunications Union (ITU). (Breitbart)

H/t ZeroHedge and FOTM’s Will Shanley


  1. The so-called 'dark web' is accessed through TOR. And the easiest way for the government to find out who runs these hidden TOR sites is to temporarily take offline particular ranges of IP addresses, then check to see if the TOR site in question is still accessible. If it's accessible, then proceed to the next bank of IP ranges. If it is NOT accessible, then it's likely that the TOR site in question is within the range of IP addresses temporarily shut down.

    1. Dr. Fetzer farts again and we are supposed to listen? Who appointed him the Grand Poobah? LOL

    2. Not me.

      Jim Fetzer = 💩

  2. jim there is still a weak point that can be exploited. Do as terribletim does and turn in shows at your local public access TV station. You will reach many folks in your community. If everyone did it the beast system would come crashing down quickly.

  3. Might be the NSA acting malevolently?
    Everyone should go see Snowden this week so the numbers are good. Oliver Stone proves that artists may just be able to save us. Bad guys aren't funny, and don't make good movies.

  4. I am only surprised it is taking them so long. Notice how they don't sell computers with DVD drives in them any more? They don't want us able to reproduce hard copies of information easily and be able to share them. When they take down the internet it would be our only way of distributing documentaries. The Iranian revolution was conducted with cassette tapes.

  5. That's a ludicrous basis to make such a serious charge on.

  6. I am at risk also after HostMonster got take over by new company. Luckily it is my habbit to do a COMPLETE back up of all flat files from the web to my home computer, then I copy THAT over to USB on a weekly basis. It's also getting expensive and with limits on SQL file sizes. By backing things up I saved 650GB of hard flat file data. I am only now trying to get back on-line with GoDaddy.

    Keep up the Fight Mr Fetzer and the VT group. We may need a NEW 21st Century Declaration of Independence. We've spent 20 TRILLION dollars in monetary loss but Hundreds of Millions in death and misery across the globe for another LIE, just the 1st Declaration and its constitution was based lies and a house of cards.

    From The Moderator

    We must be winning, otherwise I would not be overwhelmed with the assault on our comment section.
    Evil trolls with no conscience, who do not have any concept of joy, compassion, community, friendship or an instinct to protect children are pulling out the stops.

    These fiends, who enable the rape of children and who should not be able to look themselves in a mirror without vomiting, are pretending to be other commenters; hijacking threads; changing their names; offering fame and riches in exchange for satanic vows, and promoting strange products. I know you forgive me if it takes me a bit to delete them. If you must respond, please follow Stephens example and include the tidbits but have your comment be a "stand alone..." not a "reply." That way when I dump them your work is not deleted, and they do not get money for replies to their comments.

    I have no idea how I will continue to deal with these seemingly irredeemable pieces of human filth, but I will do my best.

    To our good community, please stay with us, and together we will continue to discuss, debate and disseminate all the ideas and truths that good and brave people like Dr. Fetzer continue to share with us.

    I am undaunted and more determined than ever to help clean up my little corner of decency.

    Thanks for your support.