Last month the Internet was hit with one of the most serious denial of service attacks ever. The system weathered the worldwide attack, things got back to normal within hours, and the story faded quickly from the front pages. That’s the good news.
The bad news is that the attack was probably just a test probe designed to find vulnerabilities in the system. Even worse, this attack showed that somebody has the power to exploit those vulnerabilities by harnessing millions of computers around the world — a network of bots and zombies — to mount a massive attack on the Internet without the owners of those hijacked computers having any idea what was going on.
Looking ahead, it would be naïve and foolish not to expect more of the same, only worse. Rather than pat ourselves on the back because the Internet withstood this probing attack, we should consider this latest assault to be a loud and very scary wake-up call.
Just consider one of the most recent Internet threats to surface, "drive by pharming" attacks that target home wireless routers and even cell phones to steal personal information that can be used for identity theft. And just think about how dependent on the Internet the nation’s critical infrastructure monitoring and emergency response systems have become. We simply cannot afford an insecure Internet.
Protecting the Internet from attacks by criminals and terrorists is neither easy nor cheap. But the cost of ignoring the Internet’s growing vulnerability and the criminal intentions of those who are eager to exploit it would be a lot higher.