How realistic is a nationwide cyber attack?

More specifically, how realistic is it that with one cyber attack, all or most of the computer systems in the US could go down?

How would this be accomplished?

Who, if anyone, is responsible for safeguarding us from this type of attack?

Is it only a matter of time before something like this happens? (maybe opinion, but I want to know anyway).

More realistic than you’d care to imagine, actually.

If you were thinking there’s some magic “poison pill” that would cause physical damage to servers, there isn’t one, but you can pretty effectively disable a server just by keeping it extremely busy. Keep enough servers busy generating garbage traffic on the network, and you’ve effectively disabled that network.

Remember Code Red and SQL Slammer? Those were two extremely fast-traveling worms - SQL Slammer (aka Sapphire) infected 90% of all vulnerable servers worldwide within 10 minutes of its release. Primarily, it was what’s known as a DOS attack - denial of service - in which servers are disabled and unable to handle their normal processing and traffic. SQL Slammer did this primarily by simply keeping everything very busy distributing itself, rather than causing damage. Pretty much the only thing that made Slammer slow down was network bandwidth - it was simply saturating the world with its traffic to the point that its own traffic couldn’t get through.

As for who’s protecting us? That’s a hard question, actually. Ultimately, the responsibility is with everyone - from owners of the global network backbones on down to you. Just by keeping your antivirus up to date, you can be one less spam relay or “zombie” in a DOS attack.

There are government agencies involved as well. The National Security Administration and FBI are active in this, as well as the Secret Service and Department of Energy. Private sector entities include Carnegie Mellon’s CERT and Symantec’s SARC.

Forgot to mention that there’s also not a one-worm-kills-all out there.

Essentially, everything is platform-specific - e.g.: Windows, Unix, Linux, Mac, Cisco, etc.

Well, let’s make a distinction between “all of the computer systems” in the US going down and the network infrastructure going down. Most of the computer systems (business, at least) are behind firewalls and many are not even connected to networks. And despite the preponderance of Windows, many of them run different operating systems. So barring the infiltration of very subtle trojan horses into actual operating system code on a wide-scale basis, the chances of all the machines going down are virtually nil. (In the past, viruses have wrought havoc on machines on a widespread basis, but people are hopefully getting more savvy and some of the more obvious holes have been patched, so it’s getting somewhat more difficult to do actual damage with a single virus or worm.)

Widespread network shenanigans, as gotpasswords noted, are more likely to occur. I assume that the major ISPs have contingencies for major DOS attacks, including cutting out entire sections of the network if necessary.

It should be noted that a “nationwide cyber attack” doesn’t have to kill all the servers on the 'net. Simply making them unable to communicate effectively can render them just as useless as if they were dead.

In 2002 there was a co-ordinated attack against the 13 root DNS servers that came frighteningly close to succeeding. You can read about it here.