Bruce Schneier, top security and privacy specialist, wrote on his blog: “someone is learning how to take down the internet and they are probing the defenses of the companies that run critical pieces of the internet”. That’s BIG! Big and not exactly a surprise, considering we are still using the same “version” of the internet since it was created. This means connection and security vulnerabilities are likely to take place, allowing DDoS attacks like the ones from the past weeks against Dyn to happen. Furthermore, according to a Verisign report these targeted attacks are becoming more frequent, more persistent and more complex.
So what is a DDoS?
DDoS stands for distributed denial of service and it’s one of the most powerful types of cyber attacks. Its purpose is to flood servers with requests until they can no longer cope. Alongside DDoS, specialists found out the attackers also tested the ability to manipulate internet addresses and routes and checked the response time of the defenders. With this information in hand it’s reasonable to assume the raids are not over yet, and the following might bring a global blackout of websites and email addresses in the most top level domains.
How are these attacks affecting businesses?
In an article on CSO David Walden discusses the findings of a Deloitte study which mentions the costs can amount to 90% of the total business impact on an organisation, and will most likely be experienced two years or more after the event. Attacks like these routinely outwit firewalls, intrusion prevention systems (IPS), antivirus and other defences, allowing cybercriminals to achieve their goals, whether they want financial gains, steal intellectual property or other nation-state goals. Many of them mix web and email tactics in multiple stages and are initiated through spear-phishing. Email personalisation, sender impersonation, victim segmentation and other tactics are used to bypass email filters and trick targets into clicking a link or open an attachment. For an in depth analysis on how cyberattacks work and how to reduce your exposure and protect against them read this UK government study or the Fire Eye – Gartner report.
Who’s behind the attacks and what can we do?
At the moment it’s not completely clear who’s behind them but based on the profiling, there are speculations that these are more than the average hacker, criminal actions and are mostly attributed to states. It’s not yet known how to fight against them, but the European Commission is already working on legislation to require better security in internet of things (IoT) devices and lawsuits against negligent device-makers would also be extremely helpful.
One thing is sure though, this is happening and we must stay as informed and safe as possible because we can all become victims of such attacks and the repercussions are big.