U research exposes Web threat

Internet security researchers from the University of Minnesota’s College of Science and Engineering have found a flaw in routers that could make the entire Internet vulnerable to attack.

Using a botnet, a large network of externally controlled computers, the researchers simulated an attack that, if used by an adversary, could disrupt routing for the Internet as a whole, said Max Schuchard, one of the graduate research assistants who developed the attack.

The Internet relies on routers that allow computers to communicate with each other. The attack causes routers to disconnect by overwhelming them with guarding updates. It relies on oversubscribing routers — bombarding them simultaneously with more information than they can handle.

But the researchers’ data doesn’t mean the Internet will be desolated anytime soon.

“It’s an incredibly sexy title to say that someone has come up with the doomsday weapon for the Internet,” Schuchard said, “That’s not what this is. It’s an attack that we think would work in principle, but we couldn’t launch this tomorrow or next week.”

Instead, they are hoping this development will invalidate many of the dangerous assumptions telecommunications companies make about the amount of information routers can handle.

The solution to this type of attack is simple but not as readily available as they would like, Schuchard said.

Routers utilize a device called a line card to process this type of information, and Schuchard said line cards that can function correctly under this type of attack are expensive. Line cards are currently developed to handle an average amount of information.

Schuchard said this attack should be a “giant red flag” to encourage telecommunications companies to strengthen their equipment.