21 April 2004 Governments and security companies have warned of a ‘critical’ flaw in the Internet’s transmission control protocol (TCP) that can leave PCs and routers open to attack from hackers.
A flaw in TCP, the key enabler of all Internet traffic, could pose a serious threat to both public and enterprise networks, warned analysts — particularly if hackers manage to develop an ‘exploit’, a malicious application that can automate an attack.
The defect was discovered in late 2003 by Milwaukee, Wisconsin-based computer researcher Paul Watson who said that he had found a reliable way of tricking PCs and routers into shutting down electronic conversations by resetting the machines remotely.
If routers are shut down persistently, they go into a stand-by mode, known as ‘dampening’, that can persist for hours.
It was previously thought that such attacks could take a number of years to succeed, because they require the hacker to guess a rotating number from roughly four billion possible combinations. But Watson says he is now able to guess the proper number within seconds, which, he claims, “has the effect of bringing down the Internet or severely disrupting traffic on the Internet”.
In recent weeks, a secret effort has been underway to prevent global disruptions of Web surfing, e-mails and instant messages as a result of the flaw. Early warnings from some security organisations have already prompted some government agencies to fortify their systems.
But despite the severity of the threats, experts have urged users to remain calm, stating that Internet infrastructure providers such as Cisco and Juniper Networks have been given advance notice of the threats and have taken additional security measures, which have gone some way to minimising the risk.