March 4, 2012
by Maurizio Agazzi
A botnet is not just a virus; it is the virus of viruses. In the cyber-security sector it is considered the killer of the Web. The CIA found this out the hard way when, on 10 February 2010, a storm of bytes (a DDoS attack) smashed into its web server (as well as the web server of the US Senate), effectively overwhelming the cyber defences of what has been considered the best-protected country from a cyber-security standpoint as far as .gov sites are concerned. This caused no little embarrassment for the National Security Agency and the White House. It is a slap in the face for the Obama Administration, which in 2009 reorganised the NSA, placing it under the direct control of the White House, with a top-down revision of how the federal agency for the cyber defence of critical infrastructures functions.
The attack came at the same time that the US Senate was debating the proposed SOPA (Stop Online Piracy Act) bill, introduced with the intention of combating online piracy. At the time, the US Senate was also making amendments to the commercial agreements between the signatory states of ACTA (Anti-Counterfeiting Trade Agreement) that would introduce legal instruments at the international level. SOPA and ACTA have met with numerous opponents among web users.
The February attack on the CIA website is without precedent. In a way, this speaks highly of the hackers who identified themselves on Twitter as the group behind “Tango down – cia.gov for the lulz”, since the CIA’s network of servers, like those of the rest of .gov, has already been moved over to the new and “more secure” IPv6 protocol (a move that, of course, did not stop the website cia.gov from coming under the DDoS attack from the thousands of servers that the botnet had recruited).
Although various television stations attributed the attack to the group “Anonymous”, the latter has never claimed responsibility for it. (The activists of Anonymous have, however, claimed responsibility for the February 9 attack on the servers of the State of Alabama, alabama.gov, denouncing the fact that the information files the administration had created on each member of the Alabama population had not been encoded and that, therefore, the sensitive data (including criminal records, health insurance numbers, license numbers, personal identification cards and the composition of the family nucleus) was at risk of being stolen.)
The hypothesis is gaining ground that there is an ongoing struggle within the hacker group LulzSec, which has existed for some time and has had its share of clashes between contenders for the leadership of the team that claims to be LulzSec (which tweeted “www.lulzsecurity.com – TANGO DOWN ‘this is General Hummel, from Alcatraz, Out’ – for the lulz.”).
NSA investigators have now turned their attention to the “smoking gun”: the botnet virus that succeeded in blacking out the CIA’s website. Just understanding the dynamics of the botnet virus will show us how complex the reality is in which the NSA experts are required to navigate.