Anonymous, or someone pretending to be part of the elusive hacktivist network, has threatened to launch a coordinated cyberattack that would effectively shut down the worldwide Internet. But a few notable errors in the group's manifesto announcing the mission may reveal this to be merely an April Fool's Day hoax.
On Feb. 12, an announcement appeared on the file-hosting site Pastebin declaring March 31 as the day "anonymous will shut the Internet down." Called "Operation Global Blackout," the massive cyberattack, the message claims, is a protest against "SOPA, Wall street, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun."
It's not designed to kill the Internet, but to temporarily take it down to prove the hackers' point.
A lofty goal, certainly, but the author of the message — he or she didn't sign it, and the Pastebin post was uploaded by "a guest" — has the Internet destruction plan mapped out.
Operation Global Blackout
Operation Global Blackout (OpGlobalBlackout) calls for supporters to download a denial-of-service launching tool, called "Ramp," which will flood the 13 root Domain Name System (DNS) servers of the Internet with more requests than they can possibly process.
The Domain Name System, Robert David Graham from Errata Security explained in a blog posting, "is like the phone book of the Internet that translates machine names (like www.facebook.com) to network addresses (like '18.104.22.168'). If hackers can disable the global DNS name system, then typing in your favorite website into your browser will produce an error."
Anonymous said the global shutdown, "may only lasts [sp] one hour, maybe more, maybe even a few days," the author wrote. "No matter what, it will be global. It will be known."
13 is not really 13
Graham explained that there are 13 root domain servers in the world, but it isn't as easy to take them out as Anonymous thinks. Each one is managed by different organizations, uses different hardware and software, and therefore, "a technique that might take out one of them likely won't affect the other 12."
Then there's "anycasting," — another reason Graham believes Anonymous can't succeed with this plan — which tweaks the Internet routing table and redirects traffic for DNS servers to other servers located throughout the world. Of the 13 root domain servers, nine are really dozens of different, dispersed machines acting as one, and each has a backup.
Kim Davies from the Internet Corporation for Assigned Names and Numbers (ICANN) put it more succinctly: "There are not 13 root servers. There are many hundreds of root servers at over 130 physical locations in many different countries."
The number 13, Davies wrote, is a "technical design limitation that means 13 is a practical maximum to the number of named authorities in the delegation data for the root zone."
This discrepancy is critical, Graham said.
"The Anonymous hackers can certain[ly] cause local pockets of disruption, but these disruptions are going to be localized to networks where their attack machines are located," he wrote. "They might affect a few of the root DNS servers, but it's unlikely they could take all of them down, at least for any period of time. On the day of their planned Global Blackout, it's doubtful many people would notice."
April Fool's Joke?
If Anonymous really plans to carry out this master plan, maybe the hackers should have chosen a different day. As it is now, Andy Greenberg from Forbes thinks the blackout plan is an elaborate April Fool's joke, or, as he wrote, "another example the dare-you-to-react trolling that Anonymous has refined to an art form."
Noted security researcher Dan Kaminsky said the media hype surrounding the announcement may in fact be more damaging than what the hackers do — if they actually do anything, that is.
"When you set a deadline, the press gets all 'doomsday is coming,' and that's more disruptive than any actual outrage," Kaminsky told Forbes. "Anonymous doesn't need to do anything on March 31. The more threat is enough to keep people talking about them and what they represent."
Related on SecurityNewsDaily: