"This last point is critical, as the very privileges needed to properly manage the systems and databases make it very easy for malicious users to defeat whatever controls may be in place, or to cover their tracks," he says. "There is a dramatic difference in the likelihood of a breach when it can be accomplished by a single rogue insider, as compared to one that requires co-conspirators across multiple functions."
Tech doomsday scenario No. 4: The Net goes down
News flash: The Internet melted down today as millions of Web surfers found themselves redirected to the wrong sites, thanks to problems with the domain name system (DNS).
Can the Internet be taken offline? Many experts scoff at the idea, citing too many diverse communications channels, too many redundancies, and an architecture designed to route around failures.
"I think it would be very difficult to take down the whole Internet, unless you had a worldwide EMP event that takes everything else down as well," says Dr. Ken Calvert, chair of the University of Kentucky's Department of Computer Science. "At all levels you have diversity of technology carrying the bits, whether it's satellite, fiber, or wireless. There's a lot of redundancy there."
Yet even if the Net can't be entirely shut off, short of an act of God (see Tech doomsday scenario No. 5), attackers can create havoc by attacking it at one of its weakest points: the domain name system. By hijacking traffic meant for different domains, attackers can drive unsuspecting surfers to malicious sites, effectively take down any site by flooding it with traffic, or simply send everyone looking for Google.com or Yahoo.com into the ether -- making the Net largely useless for a great many people.
"Everybody trusts the DNS, but it's not really trustworthy," says Rod Rasmussen, president and CTO for anti-phishing services firm Internet Identity. "The system itself isn't well protected. And all you need are a name and a password to take out a DNS server or a particular domain."
Attackers don't even need to attack DNS servers or poison their caches; they can achieve the same effects by taking over large domain registrars. A successful infiltration of Network Solutions, for example, could put attackers in charge of more than half the domains for all U.S. financial institutions, says Rasmussen. From there, attackers could redirect surfers to bogus sites and later use their credentials to log in and drain their accounts. Or they could simply target large domains with huge amounts of traffic, or create havoc by messing with the Net's time servers.
What could happen: The Internet appears to be down, even though it's not. Millions of Web surfers can't reach the sites they need, or worse, they're misdirected to malicious sites that steal their credentials or their identities. Attackers reset the servers that keep time on the Net, bringing billions of financial transactions that rely on accurate timestamps to a screeching halt.
How long would it take to recover: Two days or longer, in most cases, says Rasmussen.
"Because this is the DNS, it's not hard to undo anything," he says. "The problem is how long the bad guys tell the DNS system to maintain the records; 48 hours is pretty typical."
The other option: After you discover your domain's been hijacked, get on the speed dial with major ISPs and tell them to update their records. Even then, you'll still miss smaller ISPs or large enterprises that maintain their own DNS tables.
"It usually takes a pretty big disaster to get people to respond," says Rasmussen. "That's the problem with a distributed system; when it goes bad it stays bad for a while."
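The recovery problem Rasmussen describes comes down to two things a domain owner can actually measure: whether resolvers are handing out records the owner never published, and how long a rogue record will survive in caches once it has been handed out (its TTL; the 48-hour figure above is 172,800 seconds). The script below is an added example, not code from the article or from Internet Identity. It parses a constructed resolver log for the made-up domain `example-bank.test`, compares each answer against the owner's expected records, and computes the latest moment any cache could still be serving a hijacked answer, which is the window during which the out-of-band calls to ISPs still matter.

```python
"""Spot hijacked DNS answers in resolver observations and estimate how long
they will linger in caches. Added example; the log lines, the domain
example-bank.test and the expected-record table are constructed, not real."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Observation:
    seen_at: datetime   # when a resolver was seen returning this answer
    name: str           # queried owner name
    rtype: str          # record type, e.g. A or NS
    value: str          # returned data
    ttl: int            # TTL in seconds the answer was cached with


# Constructed resolver log: "<ISO time> <name> <type> <value> ttl=<seconds>".
# The 11:00 entries are the hijack: rogue A and NS records with a 48-hour TTL.
SAMPLE_LOG = """\
2013-05-02T10:00:00Z example-bank.test A 203.0.113.7 ttl=300
2013-05-02T10:05:00Z example-bank.test NS ns1.example-bank.test ttl=86400
2013-05-02T11:00:00Z example-bank.test A 198.51.100.9 ttl=172800
2013-05-02T11:00:00Z example-bank.test NS ns.attacker-controlled.test ttl=172800
2013-05-02T11:30:00Z example-bank.test A 203.0.113.7 ttl=300
"""

# Allow-list of what the domain owner actually published (constructed values).
EXPECTED = {
    "example-bank.test": {
        "A": {"203.0.113.7"},
        "NS": {"ns1.example-bank.test", "ns2.example-bank.test"},
    }
}


def parse_log(text):
    """Parse the constructed log format into Observation records."""
    observations = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, name, rtype, value, ttl_field = line.split()
        seen_at = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        observations.append(Observation(
            seen_at=seen_at,
            name=name.lower().rstrip("."),
            rtype=rtype.upper(),
            value=value.lower().rstrip("."),
            ttl=int(ttl_field.split("=", 1)[1]),
        ))
    return observations


def find_hijacks(observations, expected):
    """Return every observed answer whose value is not in the owner's allow-list."""
    findings = []
    for obs in observations:
        allowed = expected.get(obs.name, {}).get(obs.rtype)
        if allowed is None:
            continue  # no baseline for this name/type; nothing to compare against
        if obs.value not in allowed:
            findings.append(obs)
    return findings


def cache_expiry(obs):
    """Worst case: a resolver that cached this answer keeps it for the full TTL."""
    return obs.seen_at + timedelta(seconds=obs.ttl)


def recovery_window(findings):
    """Latest time at which any cache could still serve a rogue answer, or None."""
    if not findings:
        return None
    return max(cache_expiry(obs) for obs in findings)


if __name__ == "__main__":
    hits = find_hijacks(parse_log(SAMPLE_LOG), EXPECTED)
    for obs in hits:
        print(f"ROGUE {obs.rtype} {obs.name} -> {obs.value} (ttl={obs.ttl}s, "
              f"may be served until {cache_expiry(obs).isoformat()})")
    print("caches clean no earlier than:", recovery_window(hits))
```

The allow-list is the key design choice: it lets the check run against passive DNS feeds or your own recursive resolvers' logs rather than against the authoritative servers, which is exactly where a registrar-level hijack would not show up as anything unusual. A long TTL on an unexpected answer is the signal that someone wants the record to stick, and `recovery_window` turns that TTL into a concrete deadline for the manual cache-flush requests described above.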