Anonymous threatens to bring down the internet

Supposed members from the hacker group Anonymous are threatening to shut down the internet on March 31st, calling it 'Operation Blackout.' The decentralized group issued a press release on Pastebin announcing the their most ambitious plans yet: to take down the thirteen servers that form the DNS directory.

According to the statement, the attack is meant to send a very strong message in protest of "SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun." Even though such an attack would no doubt affect everyone, the statement says that is not the purpose.

By cutting these off the Internet, nobody will be able to perform a domain name lookup, thus, disabling the HTTP Internet, which is, after all, the most widely used function of the Web. Anybody entering "http://www.google.com" or ANY other url, will get an error page, thus, they will think the Internet is down, which is, close enough. Remember, this is a protest, we are not trying to 'kill' the Internet, we are only temporarily shutting it down where it hurts the most.

How, exactly, would someone go about shutting down the Internet if they wanted to? Would it even be possible? The attack plan follows the usual Anonymous method, a DDoS (distributed denial of service) attack, but targeted at the DNS directory.

So, what is the DNS directory? In layman's terms, it converts the web address you enter into an IP (Internet Protocol) address, which tells the servers where to send you. If the DNS system were to fail, you wouldn't be able to enter a website unless you knew the IP address, which very few people would know.

So, will it happen? Who knows; thanks to Anonymous' decentralized nature, it's hard to figure out if a message is even coming from the real 'group', and it's even harder to know if they actually have the ability to carry out such an attack. We'll just have to wait and see, but if the Internet does go down, we probably won't be here to let you know.

Report a problem with article
Previous Story

MetroTwit 1.0 now available + win in our giveaway!

Next Story

GAME shuts down 277 stores in UK; over 2,000 jobs lost

91 Comments

Commenting is disabled on this article.

Anon is the most powerful hacker group in the world, I wouln't at all be surprised if they brought down the internet they have already proved that they carry out what they say they will do.

I just wish someone would find these Anonymous idiots and take them out....permanently. I'm sick of terrorists getting away with crap. The time for playing nice should have been over a LONG time ago. Death to terrorists.

I don't know why people pay attention to this stuff. Anyone can claim to be in Anonymous.

"Hey everyone, I'm part of anonymous and tomorrow we are going to DDOS the Mars rover!"

...but if the Internet does go down, we probably won't be here to let you know.

While I don't think it will actually happen, this bit made me laugh.

ISP DNS would just operate from its last update. So, unless something has changed, nothing will change.

Also, if they did succeed, it would bring forth a lot of hardcore internet regulations defeating the entire purpose of their protest.

You all don't seem to realize that they're everywhere. They work for the ISPs, Law Enforcement, McDonalds, they're in ur burgerz, stealin ur picklez, They're your mailman, your Landlord, everywhere.

It's possible. They will try. I hope they're successful. It'll plummet Earth into productivity for a day.

VoX said,

It's possible. They will try. I hope they're successful. It'll plummet Earth into productivity for a day.

Not it wont workers around the world will go on strike because of no facebook

the original blackout brothers are suing the USAGOV financiers of BackTrace Security for Intellectual Property Attribution Infringement. Do you even check google before retweeting?

proof linked at blackout.AaronBale.com

If they were serious they wouldnt DDOS the servers; They would simple inject fake IPs.

Said that, it is IMPOSSIBLE to take down ALL the DNS servers in the world.

All for the LULz people! Escape From LA here it comes, do not forget to shut off all powers Anon, TROOPERS of TroLLinG. Everyone lets flush our toilets at the same time, it is fun to do retarded things. People do not forget to put foils on your head on March 31st.

Silly kids. Even my gf who is BFU says "you cant just bring down the Internet" and she is right! DNS IP addresses are anycasts, there are NOT 13 servers, but 13 IPs. Also, such an attack would have to last for days if not weeks because our computers cache recenty obtained IPs.

scratch42069 said,
Anonymous' only reason to exist is so everyone will cry to the government to do something. Don't even fall for it people.
Sabu is now working for the gov

good thing i have other things to do on a saturday than be on the internet, that and where i will be going don't have internet

Really, the are going to attack the root servers? The servers that you can't talk to, the ones that have been locked down and refer you to other servers, that have not been used for DNS lookups for years? AWESOME go for it. (<---- SARCASM)

So they plan to do DDOS attacks on servers that get millions of requests constantly anyway? These are the same DNS servers that the world already relies on every second of every day. The reason DDOS attacks work is because servers aren't usually designed to hand millions of requests constantly. These servers are. What am I missing here?

ILikeTobacco said,
So they plan to do DDOS attacks on servers that get millions of requests constantly anyway? These are the same DNS servers that the world already relies on every second of every day. The reason DDOS attacks work is because servers aren't usually designed to hand millions of requests constantly. These servers are. What am I missing here?

Actually, they don't get *that* many requests. ISPs cache most of it anyway, only connecting up to them once in a while.

jbrooksuk said,

Actually, they don't get *that* many requests. ISPs cache most of it anyway, only connecting up to them once in a while.

Ah, makes more sense then. I was going to say, it would be as dumb as attempting to DDOS Google.

just run your own DNS Server.

Why does the media continue to give these losers the attention they are craving? Same with all this "occupy" crap, don't give them any media attention and they will just go away.

RichardK said,
just run your own DNS Server.

Why does the media continue to give these losers the attention they are craving? Same with all this "occupy" crap, don't give them any media attention and they will just go away.

You sound very ignorant when you say that. So when the internet is down, then you ran frantically to the TV to find out what had happen? And call your neighbor asking what have happen?

Pretty sure this won't work.

People will just end up hitting there ISP's DNS cache as they do normally. Requests actually making it up to the root DNS are pretty rare. Unless they can maintain the attack for a significant length of time, most people won't even notice. "/

They shoot themselves in the foot so often i'm starting to wonder whether it's not a false-flag operation so goverments can demand better protection (read: censoring) against these script kiddies /tinfoilhat

OH NO! ANONYMOUS MIGHT SLOW DOWN DNS UPDATING!!! *CRIES* seriously.... when they find a way to take down the thousands of ISP cached DNS servers then we will talk... this is just a bunch of propaganda BS to people that think the whole internet runs on root servers

neufuse said,
OH NO! ANONYMOUS MIGHT SLOW DOWN DNS UPDATING!!! *CRIES* seriously.... when they find a way to take down the thousands of ISP cached DNS servers then we will talk... this is just a bunch of propaganda BS to people that think the whole internet runs on root servers
So after the 57 minute cache expire on the ISP DNS servers and the Root Servers is down that = No Internet

There aren't even exactly 13 "servers". They're clusters. I'll bet everything that I own that nothing will happen even if they attempted it.

jbrooksuk said,
There aren't even exactly 13 "servers". They're clusters. I'll bet everything that I own that nothing will happen even if they attempted it.

yeah and they are distributed all over, not in one location on one line that you could saturate one line and take them down... some of them have 1Gig connections dedicated to them with multiple redundant link paths... which is hard to saturate with a DoS attack

neufuse said,

yeah and they are distributed all over, not in one location on one line that you could saturate one line and take them down... some of them have 1Gig connections dedicated to them with multiple redundant link paths... which is hard to saturate with a DoS attack

That may be so, but all the power stations and UPS units connected to them are vunerable to attack.

Lets not forget that the Stuxnet virus was designed to attack the actual firmware in the control boards for iranian power plants, in effect taking them offline. It was targeted at just them. There is nothing to suggest that anon couldn't be able to do something like this for the root DNS servers too.

/daydreaming

sagum said,
There is nothing to suggest that anon couldn't be able to do something like this for the root DNS servers too.

Except the time for this short notice, the lack of funding and especially the lack of a test centre that is capable of mimicking every ISP individually caching the DNS.

Memnochxx said,
Could we stop reporting on such nonsense here, please?
Maybe it's nonsense to a non-geekster but this type of info is very relevance to computer tech savy users.

Krome said,
Maybe it's nonsense to a non-geekster but this type of info is very relevance to computer tech savy users.

I suppose it's nonsense because we all know it won't happen.

I don't think they thought this through. DDoS the DNS servers? Umm, the amount of traffic that has to go though DNS servers just on a regular basis is going to be magnitudes larger than the amount of traffic a few kids can generate through their DDoS program. I'm pretty sure the servers can handle the load.

Hmm, okay. There are, however, thousands of public DNS servers in the world, pretty much every major ISP has one. They update from root only once in 24 - 48 hours, I think. Wouldn't this sort of redundancy kind of make this attack futile?

Phouchg said,
Hmm, okay. There are, however, thousands of public DNS servers in the world, pretty much every major ISP has one. They update from root only once in 24 - 48 hours, I think. Wouldn't this sort of redundancy kind of make this attack futile?

That's my thought too. The 13 root servers are only the top of a very tall heirarchy. Hell it's not even that hard to set up a personal DNS server in your living room. The DNS servers aren't going to wipe themselves next time they can't get their updates, they'll just stick with the out of date entries. The only potential issue might be with new domain registrations.

They really didn't think this through

Majesticmerc said,
The DNS servers aren't going to wipe themselves next time they can't get their updates, they'll just stick with the out of date entries. The only potential issue might be with new domain registrations.

They really didn't think this through


Well actually, they are meant to wipe themselves. The period for keeping the cache alive is much longer than Anonymous could pin any server down for though.

Sacha said,

Well actually, they are meant to wipe themselves. The period for keeping the cache alive is much longer than Anonymous could pin any server down for though.

Interesting. Why do they do that? Seems a little... unsafe if you ask me.

Even if they made the root 13 servers inaccessible for a period of time, I highly doubt it would have any effect. Doesn't every ISP around the world maintain DNS caches?

TCLN Ryster said,
Even if they made the root 13 servers inaccessible for a period of time, I highly doubt it would have any effect. Doesn't every ISP around the world maintain DNS caches?
Yes but when you list your domain with a name server, you set a cache time. Some sites have days/weeks as their cache time, but most sites are a single day or less to allow them the flexibility to change quickly to another IP (colo move, etc). Google's DNS cache for google.com is a few minutes.
Once the cache expires, the ISP DNS needs to look at the root DNS servers again to find if it has changed. If it can't get a response, you're not going to get to google by http://www.google.com.

TCLN Ryster said,
Even if they made the root 13 servers inaccessible for a period of time, I highly doubt it would have any effect. Doesn't every ISP around the world maintain DNS caches?
Yes but when you list your domain with a name server, you set a cache time. Some sites have days/weeks as their cache time, but most sites are a single day or less to allow them the flexibility to change quickly to another IP (colo move, etc). Google's DNS cache for google.com is a few minutes.
Once the cache expires, the ISP DNS needs to look at the root DNS servers again to find if it has changed. If it can't get a response, you're not going to get to google by http://www.google.com.

TCLN Ryster said,
Even if they made the root 13 servers inaccessible for a period of time, I highly doubt it would have any effect. Doesn't every ISP around the world maintain DNS caches?

Whos said it's 13?

http://blog.icann.org/2007/11/there-are-not-13-root-servers/

Let's see how they can hack all of them. By announcing it further ahead, they made the job even harder, but to be honest, it sounds like a joke. Bringing down internet. lol

eddman said,

Whos said it's 13?

http://blog.icann.org/2007/11/there-are-not-13-root-servers/

Let's see how they can hack all of them. By announcing it further ahead, they made the job even harder, but to be honest, it sounds like a joke. Bringing down internet. lol

Yeah when they announce how they going to do it and using what method and stuff, they screw themselves up on that. It's like playing poker and telling other person to fold cos they have this card and that card.

eddman said,

Whos said it's 13?
http://blog.icann.org/2007/11/there-are-not-13-root-servers/

Let's see how they can hack all of them. By announcing it further ahead, they made the job even harder, but to be honest, it sounds like a joke. Bringing down internet. lol

That site just confirms there are 13 root server IPs. But each IP is associated to approximately 10 real servers in varying countries.
So they'd need to take out a majority of those 13 IPs. Probably not all of them though.

Sacha said,

That site just confirms there are 13 root server IPs. But each IP is associated to approximately 10 real servers in varying countries.
So they'd need to take out a majority of those 13 IPs. Probably not all of them though.

13 IPs, yes; 13 servers? no.
How do you even take out an IP?! Is it even a real term? You take out servers not IPs, right? Besides, when an IP is distributed among so many servers, how do you take it out?

eddman said,

13 IPs, yes; 13 servers? no.
How do you even take out an IP?! Is it even a real term? You take out servers not IPs, right? Besides, when an IP is distributed among so many servers, how do you take it out?


Each IP must link to a single device... perhaps a load-balancer... so presumably, you take out the 13 load balancers and you take out the hundreds of servers behind them. Thing is, they say on the PasteBin article that they plan on a DNS attack... not very smart!

How is that even possible, every ISP has there own DNS servers.

They would have to take out every DNS server on the Internet for it to work on a global scale they cant just go after the root servers, and I'm sure they have defenses in place for DDOS attacks.

Nexus1974 said,
How is that even possible, every ISP has there own DNS servers.

They would have to take out every DNS server on the Internet for it to work on a global scale they cant just go after the root servers, and I'm sure they have defenses in place for DDOS attacks.


Basically, you'd have to take out the root nameservers (the ones that have addresses for the .com, .uk, .net Top Level Domain servers), and you'd have to keep them down longer than their TTLs (Time To Live) which at which time sub-domain and caching servers would refresh and break. Even so, not all cachers would bother refreshing immediatly after the TTL expires, and chances are there will be multiple redundant lines you'd need to clog up as well.

TL;DR, there is still a dependency on nameservers further up the DNS hierarchy, but good luck.

Nexus1974 said,
How is that even possible, every ISP has there own DNS servers.

They would have to take out every DNS server on the Internet for it to work on a global scale they cant just go after the root servers, and I'm sure they have defenses in place for DDOS attacks.

Did you guys even read what they paste on pastebin?

Will we be able to use DNSlookup in Command Prompt? Or shall I start scribbling down IP addresses in advance ;-)

Or shall I not bother because I doubt they'll pull it off =D

I just made a list of IP addresses of common sites I go to just in case. Anonymous has done some crazy stuff in the past. It is doubtful but it would be funny to see people try to function on that day,

McKay said,
Will we be able to use DNSlookup in Command Prompt? Or shall I start scribbling down IP addresses in advance ;-)

Or shall I not bother because I doubt they'll pull it off =D

msteger90 said,
I just made a list of IP addresses of common sites I go to just in case. Anonymous has done some crazy stuff in the past. It is doubtful but it would be funny to see people try to function on that day,

Hell, if you really want to, you can run a local DNS server from your own computer. Obviously, the DNS database wouldn't update if the main DNS servers went down, but you'd still be good for the majority of the internet. Apparently, you can actually speed up web browsing alittle by doing it.

I expect to see a thing later today or tomorrow saying that this is a rogue group and Anonymous has no plans to attack the Internet.

Pupik said,
Anyone else actually yawned upon reading the article?

Yes... Especially since uneducated people get all worried and start running around in circles cause they think anonymous is serious business.

Lucas said,

Yes... Especially since uneducated people get all worried and start running around in circles cause they think anonymous is serious business.
lol what if it does happens? I guess I will have to wait a couple hours to laugh at you guy's face for when that happens... but I don't think it will happen too cos when you already gave hint to the public, they are already screwing up their plan. They should have just said what they gonna do and leave at that. They already explain the exploit and flaw, so I think IT people are probably busy trying to counter that.

Pupik said,
Anyone else actually yawned upon reading the article?

well if it really does happen, doubt you'll get much sleep and really be yawning . always take such threats seriously... no matter how silly they seem..

Dusco25 said,
DDoS the GLOBE.. silly kids

My thought exactly!! This is not possible!! They “might” be able to cause DNS delays for a single ISP, but even that, I doubt. Consider the fact that the best they could do with Facebook was slowing the sight down slightly for about 30 minutes.