CyberBunker's denial-of-service campaign against Spamhaus displays risks misconfigured open DNS servers pose. Inherent vulnerabilities of DNS (beyond misconfiguration) lead many observers to see the CyberBunker campaign as a harbinger of things to come. The volume of attack traffic is very large, dwarfing that achieved by the Izz ad-Din al-Qassam Cyber Fighters in their campaign against US banks (which resurfaces this week in Wells Fargo servers).
The perpetrators have been unusually open about their responsibility. In an interview with Russia Today (a surprising tribune of unfettered expression) CyberBunker calls Spamhaus a censorship organization, and says its denial-of-service attacks are a blow for Internet freedom. The campaign has been widely felt but of limited impact: congratulations to CloudFlare for mitigating it.
From Egypt comes news of a more primitive attack on the Internet: the Egyptian Coast Guard boards a fishing boat off Alexandria and snaps up three men trying to cut the SEA-ME-WE 4 undersea cable. SEA-ME-WE 4 runs from France to Malaysia, and links Europe, Asia, and North Africa.
More warnings of malicious Chinese hardware in the IT supply chain appear, and the US Congress does something about them. Their continuing budget resolution will restrict purchase of Chinese-manufactured IT devices and components. Before buying, Government organizations must vet such items in a formal cyber-espionage risk assessment by at least four agencies, including the FBI. Any purchases must be determined to be "in the national interest of the United States." Industry analysts name Lenovo and Apple (via Foxcon) as likely big losers.