University Boffins say they've devised a way to take down the internet by turning core parts of its routing protocol against itself. The attack, which was presented last week at the Network and Distributed System Security Symposium in San Diego, California, attacks functionality in the BGP, or Border Gateway Protocol. The …
Been there and seen it
A few years ago we had a major router malfunction. The tables got scrambled and propagated to all of our routers. The result was such that to get to a site the route would go all over the place with many hops or not reach the destination.
We had to shut down all routers, then bring them up one at a time so they could download the accurate tables.
This outage cost us $230 a MINUTE because our factory was impacted too.
This sounds similar to our "Router flap" incident.
A bit more than a router flap, I think...
> This sounds similar to our "Router flap" incident.
Well, if operators really had to isolate and reboot all the BGP4 speakers in the world, it would be a bit more of a news story than that, I think. $230/minute wouldn't come near to covering it.
However, I suspect there is more robustness in the real world than the paper assumes, and operators do talk to each other when things go funny. Admittedly, they usually talk by email, and they might have to revert to steam-powered telephones in this case.
Could take the phones down too ?
"Admittedly, they usually talk by email, and they might have to revert to steam-powered telephones in this case."
A growing proportion of phone traffic is routed using TCP/IP. I worked directly on this infrastructure a long time ago when it was a genuinely separate network, but from what I've read more recently major trunk circuits are increasingly routed using TCP/IP.
....we've all seen it. A few routers bitchfight over control. But as pointed out elsewhere, they should start suppressing the info, but not always. We simply downed the ports on a couple of rogue ones, let the others recover then booted the bastard.
And $230 a minute is Mickey Mouse.
We're a Midsize Enterprise and even we are talking £1m / hour. Happen to a bank and you're talking 100x that upwards.
"...they might have to revert to steam-powered telephones in this case."
And good luck to them finding one that doesn't rely on IP telephony somewhere in the connection between the two points...
Oh noes, is End of Wurld yes?
losing money , or just not making it?
"And $230 a minute is Mickey Mouse. We're a Midsize Enterprise and even we are talking £1m / hour. Happen to a bank and you're talking 100x that upwards."
100 million dollars per hour ? lost ?
sounds a little exaggerated in my completely uneducated guesstimate
I've never liked the capitalistic "we're losing x per hour" no - you're just not making x per hour at the moment. I remember it from that IBM ad where systum gon down
no wonder banks can lose our money so fast
When all else fails....
They could use HAM radio to make contact!
Everyone who has ever run BGP has seen the issue
However, building such a bot-net requires tens of thousands of what will be primarily residential computer systems, and more and more residential Internet service providers are blocking ICMP traffic to protect their networks from being analyzed. Already about half of the residential and small business connections that I come across can no longer do simple diagnostics such as pings or traceroutes, as well as either block or proxy outgoing port 25 traffic. I expect this trend to continue as ISPs take ever-increasing steps to secure (or stated more accurately - obscure) their networks.
Wait for IPv6
This sort of thing is much easier to do with IPv6 since you already have the info that the IPv4 system needs a botnet for.
does it take in to account route flap dampening which all the major networks do as standard specifically to stop flapping routes causing a problem? if a link keeps flapping up and down then updates from it are suppressed and stop being propagated, this causes a slightly longer outage of the flapping link, but protects the rest of the internet from having to process the updates
route flapping isn't uncommon, if it caused widescale outages every time it happened then we'd have serious problems
Well, firstly it's route flap damping not dampening (you're not making them wet!), but I think you could probably get round that by ensuring the time between the link going down and up was enough not to trigger the damping logic - plus it's my understanding that a lot of ASes only implement RFD on external links, so if you hit the 'right' link within an AS you could still cause lots of issues...
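As an added illustration of the route flap damping (RFD) the two comments above argue about, and not code from any commenter or from any vendor's BGP implementation: a small simulation of the RFC 2439 penalty model, which shows why rapid flaps get a prefix suppressed while a single flap, or flaps spaced well apart, do not. The parameter values are constructed to resemble common defaults and the function names are my own.

```python
import math
from dataclasses import dataclass

# Constructed values modelled on widely used RFC 2439 defaults (assumption).
FLAP_PENALTY = 1000       # penalty added for each withdraw/re-announce cycle
HALF_LIFE_S = 15 * 60     # accumulated penalty halves every 15 minutes
SUPPRESS_LIMIT = 2000     # prefix stops being advertised above this penalty
REUSE_LIMIT = 750         # suppressed prefix is re-advertised below this penalty


@dataclass
class DampedPrefix:
    """Per-prefix damping state as a BGP speaker keeps it for one neighbour."""
    penalty: float = 0.0
    last_update: float = 0.0
    suppressed: bool = False

    def decay(self, now: float) -> None:
        """Apply exponential decay of the penalty since the last event."""
        dt = now - self.last_update
        self.penalty *= 2 ** (-dt / HALF_LIFE_S)
        self.last_update = now
        if self.suppressed and self.penalty < REUSE_LIMIT:
            self.suppressed = False   # reuse timer would fire here

    def flap(self, now: float) -> bool:
        """Record a flap at time `now` (seconds); return True if now suppressed."""
        self.decay(now)
        self.penalty += FLAP_PENALTY
        if self.penalty > SUPPRESS_LIMIT:
            self.suppressed = True
        return self.suppressed


def simulate(flap_times: list[float]) -> list[bool]:
    """Feed a sequence of flap timestamps through one damper; one flag per flap."""
    state = DampedPrefix()
    return [state.flap(t) for t in flap_times]


def reuse_time(penalty: float) -> float:
    """Seconds until a penalty decays below REUSE_LIMIT (how long the outage lasts)."""
    return HALF_LIFE_S * math.log2(penalty / REUSE_LIMIT)


if __name__ == "__main__":
    # Three flaps 30 s apart: third one crosses SUPPRESS_LIMIT.
    print(simulate([0, 30, 60]))
    # Two flaps an hour apart: penalty has decayed, never suppressed.
    print(simulate([0, 3600]))
    print(round(reuse_time(2932)), "seconds until re-advertised")
```

Note that this models the decay-then-add order RFC 2439 describes; the comment about a "slightly longer outage of the flapping link" is exactly the `reuse_time` the suppressed prefix has to wait out.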
I used to work on the help desk at a major UK ISP in the '90s and there were regular periods when there were route flaps on the network generated in the US which would result in the eventual melt-down of the entire net.
It used to take around 4 hours to sort out. This was plenty of time to head to the pub for an extended lunch.
However, after about 6 months of this the peering operators got so practiced at sorting it out we eventually got a phone call to come back to the office just as we were about to order our first pint. In the end they could sort it out in about 20 minutes (this was before route flap damping btw).
This whole situation led to one of my fondest memories of the period when someone on the helpdesk stood up and announced (in a VERY loud voice) that 'They've got huge flaps in the States!' (Will you ever live that down Sam? :)
So how are plans for the next gen BGP going?
Only this seems to be one of a number of exploits that have relied on the implicit trust in management servers.
Is IP6 the silver bullet?
recovery "network operators actually talking to each other"
And there's the potential flaw.
One reason we've moved from a certain ISP (with a name very similar to a low cost airline using orange as its main colour) is because when they had a big routing issue affecting quite a few customers (not that we could know that at the time), we could not get hold of tech support as they were all on VoIP phones. FFS.
Unless every ISP maintains POTS and keeps a large paper based phone book, recovery from any such strike could take a little longer to effect than we all hope. Given that the telcos are increasingly using VoIP, and that everyone in the world will increase their telephone traffic to compensate for the loss of email etc should this happen, I think that unless there's a reserve POTS capability, and the means of ensuring the techies get a reasonable priority of access (essential services, government etc will also need some immediately), it could all "go quiet" for quite some time.
Shame the Telex was too expensive to keep as a backup.
Amateur Radio To The Rescue !
This should be a reason for network ops people to have their boss give them time & money for an amateur radio license. Plus a proper HF transmitter (with at least 1kW of power).
Looking at IBM offices, it seems some companies did this for decades :-)
who needs all that, just whack all your iPhones, iPads and whatever else onto the AT&T network and just data gouge the whole system. Seems to have worked perfectly well up to now.
Trust no one
Hasn't that been the basic fundamental of network security since IP Spoofing? Most of the time we don't even trust our own networks. In any other situation if you said it was okay for a device that you have no control over, that is external to your network, that could make fundamental changes to your system the rest of us would laugh and point and await the fun.
Whew, good thing
I backed it up
That's an imaginative attack but it sounds like it would be fairly easy to fix now that it's been spelled out.
If countries start deploying tactics like this you won't have to worry about pound sterling cost per minute or anything else like that but just that your boots are well fitted. This is why it's so daft, this peace time stuff is non divisible to carry into world nuclear war. Once it's over it's over, once it is gone it's gone. Carry on.
Error correction at parse time
Consensus here seems to support my impression that the apostrophes in the title flapped onto the wrong word.
Cyberweapon is a simple concept, not requiring quote marks. Your granny could understand you if you told her it was something which blocked the intertubes. Now this 'research' may be a good weapon, or an ineffective one, but neither of those appraisals require quoting. Neither would the absence of some empirical 'proof of concept'. That would mean for example, always writing 'expedition to Mars' or 'Higgs boson' until such things manifest. Maybe the quotes are really insinuating this thingy is a piece of disinformation, but if so, the story is then in the comments, not the article.
OTOH the occurrence of boffin cries out for quotes, e.g. it wasn't a real boffin involved, but a trainee wanna-be; or again, it is so far a conjecture rather than an experimental result, so its author is less like a boffin and more like an airy-fairy arts grad. Or have I hit the semantics of your NaN here?