Can One Attack Shut Down The Entire Internet?

Janus Rose
New York, US

**UPDATE [4:32 PM 2/16] – Anonymous has denied making the initial threat on Twitter, corrected below.**

Online hacktivist collective Anonymous has had its hands full lately. Between the SOPA and ACTA protests, the U.S. Justice Department's takedown of popular filesharing haven Megaupload, and the outrage over multinational agri-corp Monsanto, the digital hive seems to be stirring with activity nonstop. According to a text file press release posted on Pastebin, it seemed as if the group was planning to unleash its most daring offensive yet: Shutting down the entire internet.

Anonymous Twitter account @YourAnonNews has since denied making the threat. But not long ago, in chilling proximity to when the Pentagon declared cyber attacks to be acts of war, we were mulling over the possibility of a single decisive strike capable of knocking out the net in one fell swoop. Using an updated tool distributed through IRC networks, the goal seemed to be to cause a global internet outage in protest of "SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun."


But would such an attack, if it occurred, actually "shut down" the internet?

It depends on how you look at it. By targeting 13 root DNS servers, part of the proverbial "backbone" of the internet, the aim would be to cause a widespread, indiscriminate disruption of service. The text post details how the updated tool exploits a flaw, using spoofed packet data to generate an unmanageable flurry of requests that are then amplified and reflected at those specific DNS servers.

DNS, if you remember, is the internet's addressing system — what allows a request typed into a browser's address bar or followed from a hyperlink to be directed to the appropriate place on the network. When too many requests come in at once, the nodes are unable to resolve the correct addresses. This has been the method for other Distributed Denial of Service (DDoS) attacks on specific websites in the past. But this newer, "reflected amplification" method packs enough punch to successfully target root DNS servers, which affects all requests, not just those going to someplace specific.
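Seen from the operator of a DNS server that is being used as a reflector, this pattern shows up as many small queries that all claim one source address and draw much larger answers. The sketch below is an added example, not part of the original article or of the tool it describes; the log format, the thresholds, and the addresses (documentation ranges) are constructed assumptions.

```python
from collections import defaultdict

# Constructed log format, one query per line:
#   epoch_seconds claimed_source qname qtype query_bytes response_bytes
def build_sample_log():
    lines = [
        "100 198.51.100.7 example.org A 40 56",
        "101 198.51.100.7 example.net AAAA 40 68",
        "102 192.0.2.33 example.org MX 40 120",
    ]
    # 30 queries in 3 seconds, all claiming one source, each drawing a large answer
    lines += [f"{100 + i // 10} 203.0.113.9 example.org TXT 44 3100" for i in range(30)]
    return lines

def parse(line):
    ts, src, _qname, _qtype, qbytes, rbytes = line.split()
    return int(ts), src, int(qbytes), int(rbytes)

def suspected_reflection_targets(lines, window=10, min_queries=20, min_ratio=10.0):
    """Flag claimed sources that, within one time window, sent many queries
    whose answers were far larger than the queries themselves. A spoofed
    source address means the flagged address is the likely victim."""
    # (source, window index) -> [query count, bytes in, bytes out]
    buckets = defaultdict(lambda: [0, 0, 0])
    for line in lines:
        ts, src, qbytes, rbytes = parse(line)
        bucket = buckets[(src, ts // window)]
        bucket[0] += 1
        bucket[1] += qbytes
        bucket[2] += rbytes
    findings = []
    for (src, win), (count, bytes_in, bytes_out) in sorted(buckets.items()):
        if bytes_in == 0:
            continue  # malformed record, nothing to compare against
        ratio = bytes_out / bytes_in
        if count >= min_queries and ratio >= min_ratio:
            findings.append({
                "source": src,
                "window_start": win * window,
                "queries": count,
                "amplification": round(ratio, 1),
            })
    return findings

if __name__ == "__main__":
    for finding in suspected_reflection_targets(build_sample_log()):
        print(finding)
```

A server that rate-limits or drops responses toward a flagged address stops contributing to the flood without affecting ordinary clients, whose query volume and response sizes stay under both thresholds.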

The only problem: The internet has more than just 13 root DNS servers. Even if they did manage to hit all of them, the measured effect would really only appear to be an internet blackout. The end result would likely be that it would seem like the internet wasn't working for enough people to evoke a sort of simulated, temporary cyberpocalypse. Requests would either take seemingly forever to resolve or simply not resolve at all, effectively crippling HTTP, the part of the internet we tend to use the most.

However, it's likely that this would be precisely the goal of the attackers — not to destroy anything permanently, but to make clear that they can, much like the Obama administration has talked about doing, disrupt everyone's internet usage with the flick of a switch. The question is whether the US, or anyone else for that matter, is prepared to deflect such an attack if it comes down to it.
