VeriSign Warns of New DoS Attacks
In the midst of criticism over its .com deal with ICANN, VeriSign this week disclosed what it says was a major DoS attack aimed at about 1,500 organizations two months ago. According to the company, the attacks started January 3 and stopped suddenly in mid-February.
In the attacks, bots were directed to send packets containing a query and the return address of the Web site they were flooding to the organization's name servers. According to VeriSign research, more than 32,000 name servers may have been involved.
The company says this is a new type of attack, and could become the "Katrina of Internet storms" according to chief security officer Ken Silva. However, at the current time these attacks are extremely targeted, meaning most users don't experience their effects.
But Silva is warning that such attacks by magnitude are significantly larger than one that crippled 9 of the 13 root servers that manage global Internet traffic.
VeriSign says it may need to sharply increase spending on additional Internet infrastructure in order to keep the system operating when and if these attackers return. The announcement comes as the company is fending off criticism over a controversial deal that gives it continued control of the .com top-level domain.
On Monday, a day before VeriSign CEO Stratton Sclavos first disclosed the problem, company spokesperson Tom Galvin responded harshly to criticism by 18 registrars, including Network Solutions, who said the deal was tantamount to extortion.
"Usage of .com has quadrupled in the last five years and attacks on the infrastructure have grown in volume and sophistication. Unfortunately, these registrars take no responsibility for the Internet's reliability," Galvin told BetaNews.
VeriSign did not say why it waited one month to disclose the attacks publicly.