Massive attack on the Internet

2002/10/24 Mendiburu, Joana - Elhuyar Zientziaren Komunikazioa

• Internet

During the attack, 9 of the 13 main servers received 2 or 3 times more information than they can handle. Experts say the attack was based on the Internet protocol for message control (Internet Control Message Protocol, ICMP). The ICPM protocol channels IP packages with error messages, control and information and although it does not correct errors it identifies at least incorrect addresses. For an hour, from a large number of computers around the world, numerous ICMP packages were sent to 13 servers. As a result, 9 servers were saturated and could not properly handle the request, so at that time the Internet only worked with four other servers.

This was no problem for users, since the attack was quite short and Internet infrastructures are also available for this type of services. It seems that only one of these 13 servers is enough for the Internet to work, although the exchange of information is slower.

However, this attack has provoked a debate on the protection of this infrastructure. In fact, while the IP protocol is not able to accurately identify the origin of these packages, protection against these attacks will be difficult. At the moment, US authorities, associations dedicated to Internet management and the FBI are trying to identify the authors of this attack.