The FUD Factor

Judging from breathless coverage in the Washington Post and Reuters, you'd think we dodged a bullet during Monday's denial of service attack on the Internet's DNS servers. "The heart of the Internet sustained its largest and most sophisticated attack ever," wrote the Post. Network operators saw the event a little differently.

"Yesterday's attack was only visible to people who monitor root servers or whose backbones feed root servers -- whereas the average person who just wanted to use DNS to get their work done didn't seem to notice it at all," wrote Paul Vixie, chairman of the Internet Software Consortium in a post to the North American Network Operators' Group (NANOG) e-mail list.

Other list members were similarly unimpressed. "We see this everyday ... this was nothing out of the ordinary except the destination," wrote one. Another dubbed the attack "pretty piddly and unintelligent."

Is the media that clueless about Internet attacks? Or are network professionals jaded about media coverage? I think it's a little of both. I have an interesting vantage point, as I worked in newsrooms for two decades, and now cover Internet infrastructure full-time. A few months back I used this space to examine the risks of an attack on the DNS servers.

It's important to remember that the news media and network engineers have completely different and competing interests. The media want folks to pay attention to what they're writing and saying. The "FUD Factor " (Fear, Uncertainty and Doubt) is an especially effective way to get an audience's attention. The "largest and most sophisticated attack ever" is much more interesting to read about than a heavy network traffic event that never endangered anyone's Web surfing experience.

Meanwhile, network professionals' success is measured by the uneventful operation of their network. The last thing they want is to be quoted in the national media about why their network was out of commission. Like anyone else, they'd like the media to have a clue about what they do, and understand the nuances that separate a major incident from an everyday event.

I'm not entirely unfamiliar with FUD. I covered the Y2K issue (the ultimate FUD event) for our local daily newspaper, and in late December 1999 wrote a story about the possibility of network attacks that might disrupt the rollover period. They never materialized, of course.

My editors thought I was an alarmist, and had wasted a lot of ink trying to explain this new threat called a "distributed denial of service." Two months later, when DDOS attacks put Yahoo and other major sites out of action, those same editors proudly noted how the paper had explained all this to their readers months ago. You never know.