"How a Dorm Room Minecraft Scam Brought Down the Internet" is a good long weekend read from Wired: the bizarre story behind the Mirai botnet, which last year turned IoT devices into a zombie army that launched denial-of-service attacks that damn near brought down the entire Internet. Turns out it wasn't created by Russian or North Korean hackers, but by dumb college dudes who owned a Minecraft server and wanted to attack rival Minecraft servers:
Inside the game, individual hosted-servers allow users to link together in multiplayer mode, and as the game has grown, hosting those servers has turned into big business—players pay real money both to rent “space” in Minecraft as well as purchase in-game tools. Unlike many massive multiplayer games where every player experiences the game similarly, these individual servers are integral to the Minecraft experience, as each host can set different rules and install different plug-ins to subtly shape and personalize the user experience; a particular server, for instance, might not allow players to destroy one another’s creations... The huge income from successful servers had also spawned a mini cottage industry of launching DDoS attacks on competitors’ servers, in an attempt to woo away players frustrated at a slow connection. (There are even YouTube tutorials specifically aimed at teaching Minecraft DDoS, and free DDoS tools available at Github.) Similarly, Minecraft DDoS-mitigation services have sprung up as a way to protect a host’s server investment. The digital arms race in DDoS is inexorably linked to Minecraft, Klein says.
Yes: Minecraft rivals are developing new DDoS technology that criminals and other bad actors can now use for their own devious ends:
“We see so many attacks on Minecraft. I’d be more surprised sometimes if I didn’t see a Minecraft connection in a DDoS case,” he says. “You look at the servers—those guys are making huge money, so it’s in my benefit to knock your server offline and steal your customers. The vast majority of these Minecraft servers are being run by kids—you don’t necessarily have the astute business judgment in the quote-unquote ‘executives’ running these servers.” ... Once investigators knew what to look for, they found Minecraft links all over Mirai: In a less-noticed attack just after the OVH incident, the botnet had targeted ProxyPipe.com, a company in San Francisco that specializes in protecting Minecraft servers from DDoS attacks. “Mirai was originally developed to help them corner the Minecraft market, but then they realized what a powerful tool they built,” Walton says. “Then it just became a challenge for them to make it as large as possible.”
Read the rest here. Much of this reminds me of the grey goo attacks that used to plague Second Life -- which would have become as Internet-threatening, had Second Life become, as planned, as large as Minecraft is now.
Update, 3:15pm: Added "(And Therefore, the Entire Real World)" to the title, because as Raph Koster explains, that's exactly how dependent we are on the Internet and key services:
How critical is Google as a whole? If Google went down for a month, I am pretty sure we would see worldwide economic collapse. How much of the world economy passes through Google hosting? How much of it is in GMail? How much is dependent on Google Search, Google Images, Google Docs? The answer is a LOT. And because financial systems are now also JIT, ten thousand corporate blips where real estate agencies and local car washes and a huge pile of software companies and a gaggle of universities and so on are suddenly 100% unable to function digitally (no payroll! no insurance verification!) would absolutely have ripple effects into their suppliers and their customers, and thence to the worldwide economic market. Because interconnection without redundancy increases odds of cascades.
I find all this talk of "taking down the internet" rather amusing. Remember, the ARPAnet, which became the internet, grew out of the US Department of Defence's need for a distributed communications network that could survive a nuclear war. Any damage was simply routed around. These days the internet - and by extension the world wide web - is considerably larger and more interconnected than it was back in the 1960s. Switching off or blocking the entire internet is a literal impossibility. Even the most determined attacks with DDoS, bots, and various malicious programs have failed. There is just too much to attack, and where one service fails another picks up the slack. Even if Google was somehow taken offline in its entirety for a whole month, other companies and services would simply fill the void.
Posted by: Riesstu | Wednesday, December 20, 2017 at 04:23 AM