The recent attack on the Internet’s root servers was more than just a few hackers having fits and giggles with the DNS. In fact, the incident could be the first volley in global information warfare between the private sector of the United States and the government of China.
The story as the unclassified media has played it: Three of the world’s 13 root servers that manage the DNS, translating URLs into IP octets, were victims of intense distributed denial-of-service (DoS) attacks with malformed packets. The U.S. Department of Defense and ICANN servers were the hardest hit. There was no major damage.
The lesson the media gave: Folks at home and at the office should do a much better job of protecting their machines from being taken over by zombies, bots or other malware that can become part of a distributed DoS attack. True — but the real story is much more foreboding.
In 1991, the U.S. Congress dismissed as farfetched the concept that concentrated infowar or cyberterrorist-like attacks could substantially disable the U.S. government and private sectors. Even the work of the National Research Council in 1991’s “Computers at Risk” didn’t urge the security and protective measures needed to build national and global information infrastructures.
“The rules of the competition for global economic and political influence aren’t the same for everyone,” I wrote in the 1993/1994 editions of Information Warfare, and for a decade thereafter, we talked about Electronic Pearl Harbors and other untenable concepts. The premise was simple: Hacking and Internet abuse would soon become part of the international weapons arsenal, used by well-organized, well-funded and motivated groups with political, religious or other fomenting agendas.
In late 1998, the Chinese reintroduced the concept of unrestricted warfare. Essentially, the Chinese government didn’t feel it could defeat the United States in a military contest, so it deemed the U.S. private sector, particularly financial institutions, a legitimate target of war.
So what were the Feb. 6 DNS attacks? More than likely the Chinese government, engaged in a form of Class III Information Warfare, was performing a cyber-reconnaissance and probe of one layer of the Internet’s defensive systems. Just as the United States once flew U2 missions over the Soviet Union to determine its reaction to our penetration of its airspace, the Chinese appear to be doing much the same thing, and the only reason to perform such cyber-intelligence is in preparation for cyber-conflict of some sort.
The initial internal reports suggest a deep concern that the asymmetrical nature of unrestricted war presents numerous problems for the United States, reopening decades-old debates: Should the U.S. military protect the financial/private sector? Is a cyberattack an act of war? Do you respond to nation-state or non-nation-state attacks the same way? From a private communication, the Departments of