@JPT @Grall
I cant find the source of where I first read it, it was a Twitter source before that article even went up, but one place said that LizardSquad hacked a few of the routers used on the underwater transcontinental connections. That sounds like it would have a metric ton of bandwidth available to abuse.
It has bandwidth to use, but it does not have the cpu cycles to create it, if that makes any sense
A router is basically a specialized computer, that is designed to do a few things very well and that is mainly move packets from point a to b based on certain rules. But creating/generating data/traffic is not what is considered a priority, so it does not do it very well or have cycles todo it.
Without ever having played with the really big stuff, I doubt that you can create very much data with a router. SNMP is a possible amplification attack vector, but all devices I have ever come across, things like that has had much lower priority to resources.
Its a waste of resources doing that compared to using those cpu cycle to fulfill its primary task, route packets. And if they did that, the routing performance would probably suffer.
Look up any manual on any decent networking gear, there are pages upon pages saying, if you turn on this feature, there will be a performance penalty or this feature with that feature will basically kill the 3rd feature over there.
I am very open to be very wrong about this, but its nothing that makes sense to me, with the information that is currently available.
So I have my doubts that controlling those routers helps much, other than maybe stopping people from accessing and using them to block traffic.
And if you have control over those routers, why #$%"#$% use it in a what looks like a kiddie DDoS? You basically got NSA access to traffic going across the oceans. *puts on tinfoil hat* unless the DDoS on PSN/XBL is a distraction for something else.....
Edit:
Routers today got lots of hardware acceleration, think gpu's vs software rendering etc. But as with a gpu its very specialized because it has a limited taskset to handle. So you save money by not putting stuff in silicon to do things that are not deemed a high priority. And any traffic/data a router creates is just monitoring/management data going to the operator, its very very low volume compared to what it routes.
Now if you mirror data or do multiple copies of it, then its a different matter, but that should be easy to filter out on the way. SFlow, Netflow, span/mirror traffic and what not does not need to traverse the network borders. And it will induce a performance hit on the router.
Also core equipment like that most likely have replace routines in place, so even if they own a router, it can be replaced by another one fairly quickly, Unless they have owned the whole infrastructure with config backups etc.