On March 31st, Anonymous plans to take down the DNS system and effectively render the Web unusable. The group will probably fail.
Once upon a time, Anonymous was a group of relatively harmless Internet pranksters, but over time, the group's attacks have become more politicized and coordinated. Through its role in the SOPA protests, when the group took down sites owned by the entertainment industry and the FBI's and Justice Department's websites, Anonymous gathered some mainstream recognition. Anonymous' next target: the DNS servers that form the foundation of the Internet itself.
According to a message on Pastebin, on March 31st, Anonymous plans to point its Distributed Denial of Service (DDoS) tool at the 13 server clusters that make up the root DNS servers that ensure that every domain name you type into your browser is converted into the right IP address. You probably don't actually touch those servers yourself that often, as virtually every ISP runs its own DNS server that is essentially a copy of what is on the root servers. If your ISP can't refresh its database, though, issues with the root servers could – in theory – make it rather hard to surf the Internet.
As with any of Anonymous' missives, it's hard to know how serious the group really is. Last year, one of the group's factions announced that it would take down Facebook. That attack was quickly denied by another faction and, to the best of our knowledge, it never happened.
We are trying to confirm that this isn't just a prank and will update this post once we find out more.
Why Anonymous Will Fail: Bringing the DNS System Down is Hard!
Here is why Anonymous will likely fail:
Given the importance of the DNS root servers (named A through M and distributed geographically around the world), they are obviously hardened against this kind of attack. To really affect the global DNS system, the group would have to bring every single one of these 13 servers down – and for at least a day or two.
The last large coordinated attack on the DNS system in 2007 only managed to bring two servers – or, more precisely, two DNS zones – to their knees. While these servers also appear to the outside as just being one single server with a single IP address, there are actually quite a few servers behind these addresses that are spread across multiple locations and that can distribute traffic among themselves and out to the other 13 addresses. The DNS system uses the Anycast methodology to ensure that one single working server would be enough to keep the global Internet running – and these aren't some puny web servers either, but machines hooked up to multi-gigabit connections. There are actually hundreds of servers that make up the DNS root system – not just 13.
Anonymous says that it wants to exploit security holes in vulnerable DNS servers to attack the root servers. Even that is quite a stretch, as the same security mechanisms would still kick in.
It's quite unlikely then that Anonymous would be able to really take the global Internet down.
Image credit: Vincent Diamante