Terrorism 2.0: Is the U.S. prepared?

by Rahul ~ May 12th, 2008. Filed under: Analysis, Computing.

Just about a year ago, the Baltic state of Estonia went offline. Botnets, immense networks of hijacked computers, poured billions of hits onto Estonian government and commercial websites, and the Estonian servers, attempting to shoulder many times their normal load, gave up. Tensions ran high; Estonians blamed the Russian government, which naturally denied involvement. For nearly three weeks, this siege continued. Eventually, the architect of Web War One was traced to a Russian student living in Estonia’s capital, Tallinn (though any others who were involved are still at large).

Estonia is quite a vulnerable country to cyber-attacks. Besides being a reasonably small country, it, like other leading high-tech countries, relies heavily on its computers to store databases and necessary records. Other countries on that list of high-tech leaders include France, Germany, the U.K., and of course, the U.S.

After 9/11, the U.S. has become increasingly paranoid about safety—what with the border fence in the Southwest and the wars in Afghanistan and Iraq. Accordingly (as of May 2008), the U.S. has not suffered from any major terrorist attack.

To say that, though, is perhaps slightly outdated. Just as the Internet has evolved, security systems have evolved. Terrorism, on the other hand, has evolved too—only faster. Flesh-and-blood terrorism is getting phased out of developed countries as security systems improve. The stringency of an American airport’s security screening has to be witnessed to be believed—and despite the greatly increased inconvenience, this strategy seems to be working. Terrorist incidents since 9/11 have occurred mostly in the Wild West of the Middle East: in Lebanon, Israel, and Iraq. There have been a few scattered incidents elsewhere, but they have been relatively infrequent and not at all crippling: bombings in Madrid and in Red Square caused minor panic but had few long-term effects. Terrorist attacks in India are side- and after-effects of Partition-era Hindu-Muslim tension. As far as flesh-and-blood terrorism—Terrorism 1.0—goes, the last crippling attack was 9/11, and the United States admirably recovered from that tragedy.

The attack on Estonia was somewhat crude—more of a coordinated mail-bomb attack than a nuke, one might say. It used a technique called DDoS, or Distributed Denial of Service, in which sites are flooded with traffic. Usually, the servers cannot cope, and the site and its associated services go down. DDoS attacks have been used for years, and server administrators have learned how to thwart these barbarians at the moat. Eventually, Estonia was able to selectively block the offending IP addresses.

Despite that fact, the Estonian attack is quite alarming—it was perpetrated by only one person (at least, only one has been caught so far). The fact that one person can cause such a significant degree of harm makes that one person incredibly powerful. And whose army, one might ask? The largest botnet in the world is estimated to have over 350,000 zombie computers. At this moment, they might be used simply to send a few billion spam messages per day, but, as the Estonian attack shows, the potential for truly malicious use is incredibly palpable. A rogue nation has enormous power in computing.

Even some of our most solid sites are vulnerable. Did you think that YouTube could go down? No one really did. It serves hundreds of millions of videos per day—terabytes upon terabytes of data. Surely it had the capacity to deal with intense traffic spikes? Not quite so. When Pakistan blocked access to YouTube earlier this year, a mistake on the part of an ISP technician caused intense traffic spikes that shut down YouTube. Thanks to quick negotiation, though, the service came back online within an hour.

Would the same happen if a malicious country hijacked a U.S. site? Botnets are located largely in the U.S., composed of the machines of unsuspecting home users, thus eliminating the possibility of simply blocking external access to U.S. websites. An Estonian-style hunt for IP addresses would need to ensue, wasting days or even weeks of productivity—and crippling the U.S. economy. The U.S. can be likened to a porcupine, with tough outer defenses. Attacking from the Internet would send a barb through the soft underbelly of the animal. A malicious nation, or a terrorist organization with a large Internet presence, could easily take down the world’s most powerful country.
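The "hunt for IP addresses" mentioned here and in the DDoS paragraph above is, in practice, a rate-based search through server logs for sources that request far more than a normal visitor. The following is an added example (not code from the original post) of that per-source detection over access-log lines; the log format, IP addresses, window and threshold are all constructed for illustration.

```python
"""Rate-based top-talker detection over constructed web access-log lines.
Added example (not the post's own code): flag source IPs whose request rate
exceeds a threshold inside a sliding window, the per-IP hunt the post describes
before the offending addresses were blocked. IPs, log lines and thresholds are
constructed for illustration."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Common log format: ip - - [time] "request" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} \d+')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return (ip, datetime) or None when the line is malformed."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return m.group(1), datetime.strptime(m.group(2), TIME_FMT)

def find_top_talkers(lines, window_s=10, max_hits=5):
    """Return the set of IPs with more than max_hits requests in any window_s span."""
    recent = defaultdict(deque)  # per-IP timestamps still inside the window
    flagged = set()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip noise rather than crash in the middle of an attack
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:  # expire old hits
            q.popleft()
        if len(q) > max_hits:
            flagged.add(ip)
    return flagged

def _line(ip, sec):
    return f'{ip} - - [12/May/2008:10:00:{sec:02d} +0000] "GET / HTTP/1.1" 200 512'

# Constructed sample (RFC 5737 documentation addresses): one flooding source,
# two ordinary visitors, one unparseable line.
SAMPLE_LOG = ([_line("203.0.113.7", s) for s in range(8)]
              + [_line("192.0.2.10", s) for s in (1, 20, 45)]
              + [_line("198.51.100.4", s) for s in (3, 35)]
              + ["not a log line"])
```

Against a real botnet of hundreds of thousands of sources, each sending only a few requests, this per-IP threshold is exactly what stops working, which is the point the paragraph makes: the flagged set stays small while the aggregate load still overwhelms the server.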

The U.S. is certainly in a precarious position today on the Internet. Our borders are comparatively secure, but the wires are not. Terrorism 1.0 is inconvenient for terrorists—getting past the gauntlet of security checks, the Coast Guard, and/or the Border Patrol is difficult and risky. The Internet is a medium without these checks, and a strike there would strike closer to home than any incident in memory.

ADDENDUM: added July 4, 2008

It appears that history is repeating itself. Just a few days ago, the neighboring state of Lithuania suffered an attack of a different sort. After the country announced a ban on the display of Soviet symbols, hackers defaced Lithuanian web sites with anti-Lithuanian slogans and Soviet imagery.

Fortunately for Lithuania, intelligence forewarned it of the impending attack, and the country managed to curtail a significant amount of the potential damage. [The New York Times]

7 Responses to Terrorism 2.0: Is the U.S. prepared?

  1. William

    so are you suggesting that the government should have a tighter control over the internetz?

  2. Christine

    Wow, you’ve made some very, very interesting points. I’ve never thought about terrorism this way before. I hadn’t even heard of Estonia before reading this blog.. or the Youtube crisis. Terrorism 2.0 sounds pretty frightening.

  3. Rahul

    @William: I’m personally an advocate for privacy rights. I think that if people simply get educated about things like computer viruses, etc. and clean up their systems, this potential crisis could be averted easily (by limiting the power of botnets).

  4. Tejas

    That’s quite fascinating.

    However, the only way to enforce security is to mandate that everyone clean up botnets. People are generally selfish and will only install security software if it means something for them. Otherwise, nothing will actually happen.

    Just like with airwaves, other media, and travel, regulation will have to come for the internet. It is only for the greater good.

  5. Rahul

    @Tejas: It does mean something for them. Having security software can make a computer actually usable… If you’ve ever used a computer infested with viruses and spyware, I think you’ll know what I mean. :-)

  6. Loaded

    It’s very easy to block a barrage of botnets. In every Unix server, there’s something called the load meter. The load meter fluctuates depending on how much CPU is being used and how much CPU is idle, waiting to be used. The user can configure it so that when the load meter passes a certain number, the server enters a “warning mode”, which means that the server will automatically execute a certain action (similar to a cron job) if the load continues to remain at such high levels. Now, the US government’s servers use something called load balancing. What this does is when the bastion host (think of this as the front line) is targeted (from the botnet attack), it balances the attack load onto the array of servers it is connected to. So this makes it so that each server really only has a few botnets on it, making it impossible for the team of botnets to take down any single server, even if the original intent was to take down only one server.

    Thus, we can conclude that the US is safe from any cyberterrorism that we– I mean, the hackers commit.

  7. Rahul

    @Loaded: If the servers all need to refuse connections because of overload (even if the load is balanced), then the hackers will have done their job.

    Hahaha don’t DDoS this poor little server please!