“This type of weapon could be devastating economically to the developed world,” said Brian Cramer, a network security consultant in San Juan Capistrano. “It has the potential to take every major company offline simultaneously.”
The new attack, announced Tuesday, is the brainchild of Max Schunard, a Ph.D. student at the University of Minnesota. The attack works by setting portions of the Internet against each other, overwhelming critical connection points, and creating a virtual storm of congestion.
"Normal attacks work like a hammer, but this is more like a surgical tool," says Cramer. "If you cut the Internet in just the right places, the whole thing will go down."
Thankfully, Schunard doesn't want to destroy the Internet; instead he is suggesting improvements that can prevent this type of attack in the future. The attack is a variation of a previous attack dubbed ZMW, which could disable a single website or network. Schunard's version builds upon ZMW and enables it to launch against all the networks on the Internet simultaneously.
How Effective Is It?
“It's clearly a problem,” said Cramer. “But it's fixable in the long-term, and I doubt it would completely disable the Internet.”
One of the challenges facing a would-be attacker is the scale and complexity of the attack. For instance, Schunard estimates it would take at least a quarter-million PCs to be infected with a specific type of virus before an attack could be mounted. In addition, the sheer complexity of the attack would be daunting to most casual hackers, who generally prey on weak systems with much less sophisticated tools.
“However, the attack could be appealing to a nation's military,” said Cramer. “More scary is a well-funded, tech-savvy terrorist group getting their hands on it. If such a scenario did occur, there is little we could do to stop it today.”