The Fragile Internet

While many of you may not have noticed and most news outlets seem to be ignoring the issue, there is a cyberwar going on right now. The obvious question is whether the recent outages here at NicaLiving have been a result of that cyberwar. Collateral damage as the military likes to say. At this point I don't know and I may never know but it certainly is possible.

The big players in the cyberwar started with a Distributed Denial of Service (DDOS) attack on WikiLeaks. That attack is huge with numbers of 10Gb/second going around and has been going on for a week. The attack is likely the result of WikiLeaks releasing information on Trapwire, a giant US taxpayer-funded security system. As far as I can see there is nothing released that would compromise the system, just information which shows the extent that ex-CIA and other ex-government employees have created a new way to make a lot of money off taxpayers that had no idea it was happening.

The followup to this attack is a counter-attack of those have wronged WikiLeaks. In our capitalist world, wronged generally means cutting into someone's income stream. The only place I have found the counter-attack documented is the BBC. In the article it points out that Visa and MasterCard have been targets because they refused to handle donations for WikiLeaks.

I could continue the story but there are lots of sources of this information. The fact that there are currently over 1.5 million followers of the WikiLeaks Twitter Feed means things are being watched. There are also ways to access WikiLeeks mirrors using Tor and even the entire content of what WikiLeaks has released in a 30GB compressed file iis available via bittorrent. In other words, information continues to be available but at a higher cost both in terms of money and technical skills.

So, What's Fragile?

The story above is about the current war. What it has done is shown that what we take for granted, the Internet, is subject to interruption and control. To take the NicaLiving story, I have been monitoring our server. There has been no DDOS attack on it. (You can see this by going to MonosMedia.com. If you can get there, our server is fine. But, the databases used for NicaLiving, A42 and some other experimental sites are on a shared machine. I don't know who the other users of that machine are but if they were being subjected to any sort of attack, our sites would become a victim.

Moving up a notch, if you are using the same hosting company as someone being attacked, it is possible people could not get to your web pages because the attack chewed up all the bandwidth for the hosting company. Much like we all have to share the same planet, we all have to share the same Internet. While the Internet is distributed which eliminates a single point of failure breaking a substantial portion, a lot of it travels through common paths. Much like the electric grid, a failure in one part can put additional strain on other parts which buckle under the abnormal load.

While these cyberwars are going to help us fortify the whole system, there are going to be casualties along the way. Today's casualty is WikiLeaks and, for a while, Visa and MasterCard. That has shown us that the Internet is fragile. Let's hope the cure doesn't involve additional crackdowns on freedom of speech, in the name of protecting you.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Dreamhost response

The response regarding the problems is here. While the answer makes sense and they have addressed the problem, we don't know if the ongoing cyberwar can be blamed.

Gauss

Is possible your host is taking preemptive measures to prevent what is going on in the Middle East with the Gaussian derivative that is targeting financial institutions. Wikileaks is ongoing 'war' with battle lines-nothing to do with your web site. China is a constant in the brute force attacks. Not sure if you have shell access, but at minimum you can deny IP addresses from these countries on the server side or with .htaccess.

May be a good first step to check which version of Apache you are using and check for any patches/updates.

Not my machine

As I said before, the issue is not with my server. The database is run on a shared server. (Had I known this before I "signed the contract" I would have gone elsewhere.) I have no clue what other sites share the MySQL server.

If you can get there, our server is fine

"You can see this by going to MonosMedia.com. If you can get there, our server is fine."

At 5am EDT this morning, I could not get to MonosMedia. Does that mean that the server is "not fine"?

No

The contrapositive doesn't work. If you can't get there, the reason can be anything from your connection is down to Nicaragua Enitel is broken (or their nameservers are down--a common problem) to ARCOS is down to ...

This is the whole point of my post. We all share resources between the endpoints of communications. Anywhere along the way some disturbance can break lots of seemingly unrelated things. As Wikileaks is still under attack I expect this little cyberwar is not over and likely to be escalating