With Fridays on the Internet now a virtual Mad Libs game of which government website Anonymous will take down next, the director of the National Security Agency wants the White House (and no doubt anyone handling the NSA budget) to know that the hacker collective could very well cause at least a limited power outage in the next two years, the Wall Street Journal reports.
The article explains that the concern is real, but has not yet been expressed directly:
Gen. Keith Alexander, the director, provided his assessment in meetings at the White House and in other private sessions, according to people familiar with the gatherings. While he hasn't publicly expressed his concerns about the potential for Anonymous to disrupt power supplies, he has warned publicly about an emerging ability by cyberattackers to disable or even damage computer networks.
Boy Howdy! That'd be one heck of a DDoS assault!
DDoS (distributed denial of service) attacks remain Anonymous' chief weapon in bringing down websites — generally achieved by overloading a website with access requests so that it no longer has the dedicated resources to function properly. Security experts believe this was the method behind a series of Friday attacks for which Anonymous claimed credit, including the Department of Justice, the U.S. Copyright Office, the FBI, the CIA and the Federal Trade Commission.
Even Anonymous will tell you that, unlike taking out a power grid, such takedowns are not that hard to do.
Speaking with Wired.com via an online chat as the February 14 attack on the FTC website commenced, an Anonymous source readily stated the whole operation was easy-peasy: "As one remarked, 'own & rm and move on.' (rm being a unix command to delete data.)"
Why so easy? Hmmmm ...
Well, there's this! Following that first smackdown on a FTC website earlier this month, the PR firm in charge of that and other .gov sites never got around to safeguarding the rest, Ars Technica notes. Indeed, the U.S. government's public-facing websites have notoriously weak security — and that by comparison, no hacking collective has ever managed to take out a place where real coders work (such as, you know, Facebook) for any discernible amount of time.
And so, attacks on government sites "are going to happen more and more frequently — they’re unstoppable," Jerry Irvine, a member of the National Cyber Security Task Force, told the New York Times following the CIA website attack. "Why can’t they be stopped? Because security technologies have not kept up with the extent of the vulnerabilities that exist.”
But attacks on government sites are not the same as attacks on government networks. The real threats to the power grid are limited, according to U.S. intellegence officials, and not coming from Anonymous.
"The countries that could most quickly develop and use cyber means to destroy part of the grid — such as China and Russia — have little incentive to do it. Those who might have more incentive, like Iran or North Korea, don't have the capability," the Wall Street Journal reports. "Officials already have found what they say is evidence of Chinese and Russian cyberspies snooping in computer systems that run the electric grid, possibly in preparation for a conflict with the U.S. The governments of China and Russia have denied any involvement."
Anonymous, for its part, has never mentioned any threat against the power grid — just more website attacks each and every Friday, culminating in Operation Global Blackout on March 31, which is about shutting down the Internet, not the power grid. Such a plan may be over ambitious, but not without meaning.
"The Internet should be able to absorb the attack the group outlined, said Richard Bejtlich, chief security officer at computer-security company Mandiant," the Wall Street Journal reports. "The announcement, however, shows the network's intent to wage more destructive attacks."
More on the annoying way we live now:
- CIA site back up after Anonymous claims attacks on it and Alabama state sites
- How Facebook keeps the porn, gore and hate out of your News Feed
- Report: These tech companies sell spy tools to dictators
- 7 signs we're living in the post-privacy era