
Sunday, April 1, 2012

Anonymous' 'Operation Blackout' Goes Dark; DNS Just Fine


It's somewhat fitting that "World Backup Day" is also the same day as Anonymous' alleged "Operation Global Blackout," a scheme to flood the world's 13 domain name root server IP addresses with traffic. Were that to happen, the results could be fairly dramatic: Typing your favorite URL into a web browser could net you zero results, as there wouldn't be a behind-the-scenes mechanism for translating the domain name into its actual IP address.

In other words, the website might exist on some server somewhere, but you'd have no way to get there.

Unfortunately for security-watchers and Anonymous fans alike, it doesn't appear that anything's actually going to go down today. For not only are the DNS roots currently operating "within normal performance range," according to a message by the anonymous security researcher @CIA_sec, but Anonymous itself — if one can truly assign the group a kind of "spokesperson" — has messaged that there isn't any activity planned for today.

"For the billionth time: #Anonymous will not shut down the Internet on 31 March," wrote @YourAnonNews in a Twitter post on Thursday. "#OpGlobalBlackout is just another #OpFacebookfailop. #yawn."

Nevertheless, the New York Times reports that the initial threats — a PasteBin-based message that promised to temporarily shut the Internet down, "where it hurts the most" — were enough to rally engineers and Web security advocates into action. Plans were made to accelerate the "beefing up" of the servers and routers that help the Domain Name System to function, the digital equivalent of an arms race.

"Whether or not Anonymous carries out this particular attack, there are larger attacks that do happen," said Bill Woodcock of the nonprofit Packet Clearing House, in an interview with the Times. "A forewarning of this attack allowed everyone to act proactively for a change. We can get out in front of the bigger attacks."

Or, as one operator of a Domain Name Root Server put it: "We are using the threatened attack to go kick the tires on everything, make sure there's no loose dangly parts," said Paul Vixie of the Internet Systems Consortium.

The alleged plan by Anonymous members was to exploit a known vulnerability in DNS servers through the use of an attack utility known as "Ramp," or "reflective amplification."

"Basically the botnet clients would launch a huge number of small queries for DNS records that invoke a large response packet," wrote Accumuli Security in a blog post. "But in order to direct the amplified traffic back to the root servers, the source IP address of each query is spoofed, so that the response goes to one of the root server IP addresses rather than the botnet client."
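The pattern Accumuli describes is visible from the resolver's side, shown here as an added example that is not from the original article or any of the parties quoted in it. It flags claimed source addresses that send many small queries drawing large responses. The log record layout, the thresholds and the sample addresses (RFC 5737 documentation ranges) are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records, in an assumed log layout:
# (claimed source IP, query type, query bytes, response bytes).
SAMPLE_LOG = (
    [("198.51.100.7", "ANY", 64, 3200)] * 40   # many small queries, large answers
    + [("192.0.2.10", "A", 60, 92)] * 40       # busy but ordinary client
    + [("192.0.2.11", "TXT", 62, 2900)] * 2    # large answers, but only two of them
)


def summarize(records):
    """Aggregate query count and byte totals per claimed source address."""
    stats = defaultdict(lambda: {"queries": 0, "bytes_in": 0, "bytes_out": 0})
    for src, _qtype, query_bytes, response_bytes in records:
        entry = stats[src]
        entry["queries"] += 1
        entry["bytes_in"] += query_bytes
        entry["bytes_out"] += response_bytes
    return stats


def likely_reflection_targets(records, min_queries=20, min_ratio=10.0):
    """Return {claimed source: amplification ratio} for suspicious sources.

    A source is flagged when it appears to send at least min_queries
    queries AND the responses sent to it total at least min_ratio times
    the bytes it sent. Because the source address is spoofed in a
    reflection attack, a flagged address is the probable victim, not the
    sender. Both thresholds are illustrative assumptions.
    """
    flagged = {}
    for src, entry in summarize(records).items():
        ratio = entry["bytes_out"] / max(entry["bytes_in"], 1)
        if entry["queries"] >= min_queries and ratio >= min_ratio:
            flagged[src] = round(ratio, 1)
    return flagged


if __name__ == "__main__":
    for src, ratio in likely_reflection_targets(SAMPLE_LOG).items():
        print(f"{src}: responses total {ratio}x the query bytes")
```

Requiring both volume and ratio keeps the check from flagging a busy ordinary client or a single large lookup.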