Information Security

Defending the digital infrastructure


Spammers drive organizations to block Internet traffic to stop attacks

Spammers and hackers are driving organizations -- and nations -- to block Internet traffic in order to stop attacks.

At the rate we're going, it won't be long. Patience is waning quickly, anger is building, and, when that process reaches a critical point, we may just see one of the greatest steps backward in the last few decades: The doors of the Internet will start slamming shut.

I'm talking about the simple refusal to accept traffic. Suppose you're running an ISP -- a big one -- and you're bombarded daily with DDoS traffic, spam of all kinds and perpetual poking into your networks with hacking tools. And, suppose you can identify some of the major sources of all this spew coming your way. What can you do? You've tried filters. You've tried jawboning the source ISPs. You've tried the law. And you've tried setting policy for your users. The net effect? The load and its ugly contents just keep getting bigger.

Your patience wears thin, and eventually you just slam the door. You block Internet traffic simply by its identifiable source. An unheard-of idea? Think again. We already do it with email.

You have two basic options: You look in the header, and react to the address, or else look at where the wire is originating and block transmissions from that location. Or mix these two approaches. The problem is, either way you'll shut down a ton of legitimate traffic along with the bogus stuff. And you'll still fail to shut down all the traffic that gets to you, via other networks that leave open the doors that you close. You can't control it all.

Now, envision this on a more global scale. Governments have control, or think they do. A government can squat on any line or signal entering or leaving its borders, and decide exactly what crosses its borders, and which foreign points can have access. And that government might just decide that there will be no traffic across borders without "review." Corporations can do it just as easily. It's a ham-handed approach: When your nose runs, chop it off.

It's a terrible idea. All the commerce, research, correspondence and other beneficial traffic would go away, and the isolating country would become an island, except for the code (including malware) that somehow would evade the barriers. Such isolation would be incredibly costly and ultimately impossible to enforce. But for countries for which the benefits of isolation outweigh the costs of staying connected to the world, the option is more attractive.

Are there such countries? North Korea comes to mind. And some developing countries -- such as China, India and Vietnam -- may set up competing networks because the industrialized West won't share control of the Internet. The point is that it's by no means unthinkable or even unlikely.

But spam, malware and other destabilizing traffic (espionage, terrorism, clandestine political movements) are growing at a faster rate, and it's just a matter of time before we reach a place where the costs of trafficking on the Internet begin to rival the benefits. That's when the doors will start slamming. That's where we're headed without some profound worldwide reengineering.

What can we do to address the problem? Here are some measures that can help:

  • Solve the return-address-spoofing problem.
  • Deliver operating systems and applications that always boot from a read-only image.
  • Stop the execution of untrusted code in client systems.

The experts and their solutions aren't getting priority. The slamming doors will change all that, but by then it will be too late. The cozy little advantages of an isolated internal network will become all too apparent to the countries and companies who like total control, and they won't open the doors easily again. Without open channels across borders to help keep governments honest, human rights may well suffer.

Enough analysis paralysis. Either we quickly solve our spam, malware and related problems, or we'll be faced with a much greater problem. With locked doors facing us in every direction, and nasty code still crawling around like cockroaches, where will our Internet be then?

Dana Paxson researches and writes patent applications for a law firm on software, hardware and other technologies.

This was last published in January 2004


Join the conversation

1 comment


I'm not sure blocking access to the internet is the best approach, especially for all of us who live via information and data flow. When "shut down the whole damn thing" is the only solution, it seems that someone isn't doing the necessary work to keep this system secure. Not easy, obviously, but still....

When endlessly intrusive commercials killed the last shreds of joy in watching television (for everyone except ad agency folk), Netflix and YouTube and Amazon became de facto viewing platforms. When popup ads killed online sites, ad blockers solved the problem. There are solutions far better than shutting down....
