Denial-of-service attacks are growing faster than bandwidth is being added to the internet, according to VeriSign, the company that administers the .com domain.
Criminal groups selling services online are increasingly threatening the fabric of the internet, as the size of the compromised networks of computers they control increases, according to VeriSign.
The company claimed that a successful denial-of-service (DoS) attack against VeriSign could bring down the internet. "There are attacks attempting to shut down our servers," said Ken Silva, VeriSign's chief security officer. "This would effectively shut down the internet."
Silva said that although DoS attacks are difficult to trace, there are "a couple of well-known groups in Russia, China and Romania" that may be acting with their government's knowledge. "It would be hard to imagine groups who have this much activity going unnoticed by their governments," he said.
The chief security officer said that VeriSign "hoped to get smarter" in blocking malicious traffic. "We can continue to add bandwidth, but ultimately 20 years down the road, this can't continue as a footrace. The internet as a whole has to get smarter in denying DoS attacks."
VeriSign is currently upgrading its infrastructure in a scheme called Project Titan. This has included adding bandwidth, but it is also monitoring its systems more closely.
"Our monitoring systems now resemble those for the space shuttle," said Silva. "We monitor the capability of our CPUs and memory allocation on all of our servers. We're predicting what problems will occur rather than waiting for them to occur."
Many public-sector organisations in the UK suffer from DoS attacks. The Probation Service has upgraded its servers in the past week to cope with the traffic created by botnets, according to a security manager for the Probation Service.
"We've had to upgrade our hardware in the last week to cope with an unexpected increase in the volume of malicious traffic at the network gateway," the security manager told ZDNet.co.uk. "Simply coping with that is compromising our ability to run our business. The problem is simply coping with what is coming at us."
Tim Pickett, a former technical security analyst at AOL, said that ISPs should monitor their networks to mitigate DoS attacks. "ISPs should be monitoring what's going through their networks," said Pickett. "More should be done to tackle the problem on the ISP side."
In order to post a comment you need to be registered and logged in
Log in or create your ZDNet UK account below
By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Membership FAQ
i agreed to the terms and conditions guilding this contract please creat an an acount for me
6 minutes ago by uzan on Gmail: a first look
Buzz My Stat : New search for http://www.zdnet.co.uk Take a look: http://www.buzzmystat.com/site/zdnet.co.uk
54 minutes ago on Twitter by BuzzMyStat
Hi Jamie, I'm sorry your comment got caught in the spam filter. We use an industry standard blacklist for this. I suspect that the comment may...
5 hours ago by Karen Friar on Spam? Filter Changed?
Pop - Neither have I. Ever, under any circumstances. I'm much more accustomed to Windows slowly, but inexorably, consuming more and more disk...
6 hours ago by J.A. Watson on Can you believe it - 2765 kB will be freed?
Apple are currently pushing to get tv content on the iPad by April 3rd. This could possibly be seen as a spoiler for that announcement I suppose....
19 hours ago by John Molloy
Hey - presume you mean something that builds on Apple's existing TV device? Apple have already had a couple of runs at building Apple TV and it's...
1 day ago by Andrew Donoghue on Google's TV timing may reveal more to come
Google, Sony, Intel may build TV project www.zdnet.co.uk/news/emerging-tech/2010/03/18/google-sony-intel-may-build-tv-project-40088359/
1 day ago on Twitter by BVE2011
70,0000 to 90,0000 computers? A very small number considering some of these botnets are in the millions, and there are so many of them operating,...
1 day ago by ator1940 on Microsoft says it decimated Waledac botnet I agree Roger, and why can't they write secure code? What will happen when they find stolen code in windows? They have a track record of...
1 day ago by ator1940 on Microsoft lashing out at Linux, open source Do you think it will really take days?
1 day ago by ator1940 on Microsoft previews Internet Explorer 9 with HTML 5 support
Wonder how many days it will take before somebody codes an exploitive hack for IE9?
2 days ago by Xwindowsjunkie on Microsoft previews Internet Explorer 9 with HTML 5 support
There are some really good people in Microsoft and I wonder, how embarassing it must be for them to see how the organisation behaves from it's...
2 days ago by roger andre on Microsoft lashing out at Linux, open source On further inspection, it looks like some things are missing, is it possible that there was a time lag between whatever state the site was in that...
2 days ago by J.A. Watson on Welcome to the new ZDNet UK community!
Ok. Now I'm getting annoyed. Previously I could just click on just about any item or comment I saw and get a reply box. How do I manage that...
2 days ago by Tezzer on ZDNet UK: faster, smarter, still IT all the way hey Roger. Think I have spotted a bug as when I click on my name it takes me to the same page as if I had clicked on "Edit Profile". i.e...
2 days ago by Andrew Donoghue on ZDNet UK - Now cleaner than an Archbishop's conscience
Great new look for ZDNET UK web-site http://bit.ly/9R5eAA to check it out @ZDNetUK #zdnet
2 days ago on Twitter by ajclarke
Microsoft previews Internet Explorer 9 with HTML 5 support - zdnet.co.uk http://bit.ly/9FSh23
2 days ago on Twitter by feedfrogFor multi-store outlets, including retail, banking, grocery, gas, hospitality, convenience stores and others, reducing (or avoiding) the cost of in-store system support and maintenance while maintaining compliance with PCI and other requirements has become a strategic challenge.
Speaker: Dr. Chenxi Wang, Principal Analyst, Security and Risk Management, Forrester Research, Inc. As Enterprises are increasingly connected to the Internet and as hard organizational boundaries are fast disappearing, security professionals are facing fresh challenges in Enterprise computing.
This tutorial is for new MindManager users and teaches you how to get started, by creating maps, reading maps and organizing your information.
Talkback
Judging by my recent experience of very poor surfing (etc.) on the Internet, either the Internet is overwhelmed per se or by constant attack or abuse of whichever kind.
Moley 25 Sep 07 18:52 ReplyI have noticed a slow down in connections, mostly in the early morning hours, and with most sites on the U.S East coast. I just figured since they are one hour ahead of me that was the reason, but it could go deeper.
ator1940 26 Sep 07 06:00 ReplyWhen government task forces that enforce these kinds of legal issues on the internet have enough funds that they can start breaking down the doors of the users performing these kinds of attacks.
eylusion 1 May 08 20:24 ReplyIf you were to go into the business district of your town and start barring the entrance from would be customers you better believe the cops will show up within moments to remove you.
Anonymity is a nice thing to have on the internet, but at some point we are going to have to start holding these proxy servers in beijing, or wherever accountable for their traffic. At the very least it would be nice if someone could figure out how to turn these bot-nets against their puppet masters, and see how they like it for a spell. Before arresting their dumb arses. One thing that really pisses me off is these guys have got nothing better to do than disrupt business, etc, now if they were DoS Web 2.0 social networking websites like myspace, friendster, and what have you, I'd actually be cheering them on because these websites serve no purpose what so ever, and do more harm than good for communities as a whole.
You know if these low lifes actually had goals or aspirations in their life, you would think when they turned a million computers into drones, instead of attacking websites, they would install distributed computing systems, like folding@home or Seti, or crunch large meteorological data so maybe we could predict horrible Tornado's sooner or something. You know something actually productive or useful to the community, not that i'm condoning hacking some home users computer, but if an in the event that they did and or will, maybe just maybe they might think about doing something useful with that ability.
Personally, I say we need to find out how to track these ip addresses better, triangulate people's positions over the cellular network if they have their gps turned off, start holding more people accountable.
P.S. I say burn em all
Matt