On Wednesday, an ISP that served as command and control for some botnets was taken offline.
On Thursday, a distributed denial-of-service attack disrupted three major US social network sites.
No solid evidence has been released as to why this may have happened or if the above two things are related. That means it’s time for a conspiracy theory!
Maybe this wasn’t automated, but it’s an insidious idea. What if this was automated retribution for attacking the botnets’ C&C; infrastructure? Think of it as a bold new stride in mutually-assured-destruction between the security community and cyber-criminals.
Would security professionals (or the people at ISPs that work with them) be less likely to help cooperatively police the internet if they were going to be implicated in the next major disruption of public services? I bet so. Even if the professionals resist the coercion, it’s hard to imagine that their bosses are immune, and there’s no motivation like a disappearing paycheck.
I can only imagine Gary Oldman being cast as the disgruntled Latvian cyber-criminal. Bruce Willis plays the FBI agent? Or maybe Harrison Ford if this becomes the next Clancy novel. Don Cheadle as Barack Obama? The mind reels at the Hollywood possibilities.
If this is related, I just hope that it doesn’t become more fodder for legitimizing government control over the Internet “because it needs it”. Government law enforcement support might be helpful, but not invasive manipulation.