February 11, 2014
A huge denial of service attack occurred earlier today. It exploited a key vulnerability in the infrastructure of the internet, according to online experts, and presages things to come.
Hackers took advantage of a weakness in the Network Time Protocol, a system designed to synchronize computer clocks. The exploit sent a massive amount of data to servers.
It was predicted this technology would be compromised and allow the introduction of malicious attacks, according to Cloudfare, a content delivery network and distributed domain name server service.
CEO Matthew Prince posted a response to the attack on Twitter. He said that “someone’s got a big, new cannon” and the attack was the “start of ugly things to come.”
The mysterious attack arrived several days after the National Cybersecurity and Critical Infrastructure Protection Act worked its way to the House floor. The legislation has unanimous approval of Republicans and Democrats.
HR 3696 will codify into law the National Cybersecurity and Communications Integration Center, a public-private collaboration within the Department of Homeland Security. The center will offer real-time cyberthreat information sharing across critical infrastructure sectors, according to Bank Info Security.
“The emergence of complex, multistage exploits that quietly penetrate critical targets by leveraging vulnerabilities several links away from the target mean that it is difficult to be sure any system is effectively isolated. Because of this level of complexity and interconnectivity, it almost is impossible to find a system that might not be rated critical,” GCN, a website following public sector IT news, opined last month as HR 3696 emerged from a House subcommittee.