The DDoS That Wasn’t

in #ddos4 years ago (edited)

On June 16th Forbes published an article by Davey Winder, reporting that the day before the US suffered a major outage in some cellular communications services across the country. That Anonymous originally broke the story through twitter[2], which caused regular news outlets to pick up the story and falsely state that this was the “largest cyber attack in history”[4]. Citing industry experts such as T-Mobile and CloudFlare, a DNS provider, no attack is reported to have taken place.[1]

T-Mobile’s president of technology, Neville Ray, made a full statement giving their explanation for the technical failure. He writes that the primary cause was “a leased fibre circuit failure from a third party provider… we’ve worked with our vendors to build redundancy and resiliency… .” However the redundancy failed causing “an overload situation… This overload resulted in an IP traffic storm that spread from the Southeast to create significant capacity issues across the IMS (IP multimedia Subsystem) core network that supports VoLTE calls.”[3]

No matter who you decide to believe, Anonymous or the tech industry, the risk that any form of cyber attack happening, or happening again, is still a very real risk. For a brief moment the fragility of our info-structure was highlighted.

Enter Mesh Networks

This week’s episode of the Let’s Talk Bitcoin podcast, featuring Richard Myers, discussed Global Mesh Labs’ project, the Lot49 protocol[6], built on top of the GoTenna device[7] to create an incentivized mobile mesh network. Richard explains that mesh networks are “a lot like crypto-currency, in that it’s this technology people have been talking about since the late 80’s that’s just never happened.” Both have similar obstacles to overcome; those being technological limitations and having a critical mass of users before they can be viable. There is another mesh network project underway called Althea[8] but it’s contrasting protocol builds a WiFi mesh network instead of a mobile one. Episode 94 of the Unconfirmed podcast had co-founder of the Althea Network, Deborah Simpier, on the show to discuss the details of their mesh network.[5]

Mobile mesh nets provide longer range and lower bandwidth, while WiFi is the inverse and more suitable for simple house to house uses. GoTenna can signal up to 6.4km or 4mi in a pocket size form factor. Althea is limited to the range of WiFi routers unless you invest in the equipment to set up a proper WiFi antenna. What both systems have in common, being different kinds of mesh networks, is the resilience they provide to their users. In both cases, once you have a critical mass of users the significance of individual peers turning out to be bad actors, or peers dropping off the network, becomes insignificant as there will always be another peer to turn to.

According to T-Mobile the primary failure in the system on June 15 wasn’t a DDoS attack was the physical failure of a fibre optic circuit, forcing all of that traffic to clog the rest of the network.[3] Having a more resilient infrastructure by default could avoid similar future network outages. Mesh networks achieve this resilience because there is no single pipe, bearing a large enough portion of the network’s load, that if it fails the rest of the network also breaks down.

A couple of the problems of a mesh network is privacy and incentivizing honest peer participation. This is where Global Mesh Labs’ Lot49 protocol comes into play. It incorporates Lightning Network micro-payments to incentivize secure, reliable, and fast handling of your data to get it to it’s destination. Inspired by Tor’s onion style networking, each node in the path between your device and the server or person you’re communicating with unwraps a layer of security only they have the key to, passing it on to the next node, until it reaches the destination and unlocks a LN payment reward for all nodes involved. Althea operates in a similar way using Ethereum to buy bandwidth provided by the person with the actual connection to the rest of the internet, or to incentivize relaying of information over multiple routers before finally reaching the internet gateway, but it’s security layer is ensured using WireGuard to encrypt traffic.

For the mobile mesh networks it would seem as if this solution would break down once municipalities leave the 6.4km/4mi range of each other, however, because the Lot49 protocol uses the LN it can access the Blockstream satellite network. In the LTB episode, Richard gives the example that if you have a village in a remote location with just one connection to those satellites everyone in the village would then have low bandwidth connection to anyone else on the global LN.

There are even more technologies in development that will further add to the resiliency of our global info-structure but mesh networks are the most relevant to the vulnerability highlighted on June 15th.

Resources:

  1. https://www.forbes.com/sites/daveywinder/2020/06/16/no-the-us-has-not-suffered-the-biggest-cyber-attack-in-history-heres-what-actually-happened-tmobile-anonymous-twitter-rumor/#a0e19663c59a
  2. https://www.t-mobile.com/news/update-for-customers-on-network-issues
  3. https://www.thesun.co.uk/news/11871782/ddos-attack-t-mobile-outage-facebook-instagram-us/
  4. https://unchainedpodcast.com/the-althea-network-how-ethereum-is-used-in-the-real-world/
  5. https://globalmeshlabs.org/
  6. https://gotenna.com/
  7. https://althea.net/
  8. https://althea.net/how-it-works

Any original content is published using CC4.0 BY-SA