Who Is Learning How to Take Down the Internet?



l3outage-580x330.pngIt was all over the news. A sustained DDoS attack that caused outages for a large number of Web sites Friday was launched with the help of hacked “Internet of Things” (IoT) devices. Jeff Jarmoc tweeted: "In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters." True words, since there are now specialized worms that infect just IoT devices. 

Early Friday morning cyber criminals trained their DDoS attack on Dyn, an Internet infrastructure company that provides critical DNS technology services to major websites. The attack immediately created problems for Internet users of Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix.

This outage was similar to the recent 620 Gbps DDoS attack on IT security reporter Brian Krebs' site, caused by the Mirai botnet which consists of hacked IoT devices — mainly compromised digital video recorders and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products. All credentials are hardcoded in the firmware and cannot be changed. This is a very dangerous practice and we need laws against this ASAP.

Someone Is Learning How to Take Down the Internet

Last month, IT security Guru Bruce Schneier caused waves when he wrote that someone, probably a country was learning how to take down the internet:

"Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses.

"First, a little background. If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack (DDoS). Like the name says, this is an attack designed to prevent legitimate users from getting to the site. There are subtleties, but basically it means blasting so much data at the site that it's overwhelmed. These attacks are not new: hackers do this to sites they don't like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it's a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins."

It's either a large country, or these two other scenarios:

  1. Someone tried to extort DYN and when they did not cough up the dough,
    they decided to show them what they could unleash.
  2. Anonymous and/or other hacktivists decided to flex their virtual muscle
    and show netizens they are still a force to be reckoned with. Either way is disconcerting.

Hmmm. What can you do about this?

Well, not much. But don't put any of your own critical command & control infrastructure like managing chemical plants, water treatment or power plants in a position where they require the internet to function.

Also, and this is something all of us can do, set up redundant DNS providers so that when one is under attack you can shut it down and let other DNS services take over.

Know This Secret Of The Net: One Big Buggy Beta

Guys, I have been saying this for years now.

Most people look at me surprised when I tell them the internet is still in beta, but it's true,
 
Vint Cerf, the father of the Internet said so himself. He was quoted in the book Fatal System Error: "My thought at the time, thirty-five years ago, was not to build an ultra-secure system, because I could not tell if even the basic ideas would work. We never got to do the production engineering."
 
If you know software development jargon, that means it remained in beta... and -has- been up to now. The protocols they built at the time focused on fault tolerance, they simply were not built for security and the net is one big buggy beta. Unfortunately, the bad guys know this full well, and are exploiting it to the limit.

What this all means is that Web security is fundamentally broken.
 
You need defense in depth. All six layers need to be in force and controlled within an inch of their lives, starting with your users as your first line of defense, because the bad guys are going after your users first. Keeping them on their toes with security top of mind is a must these days. 
 

The bad guys most often use social engineering to get into a target network. New-school security awareness training is a must  to create a human firewall which is your first line of defense, on top of all existing security software layers.

Get a demo and see for yourself how you can harness your employees and keep your network safe. 

Request A Demo

 

 

 

 

 

 

 

 

 

 

 

Topics: IT Security

Subscribe To Our Blog


Phishing & Social Engineering Trends On-Demand Webinar

Recent Posts




Get the latest about social engineering

Subscribe to CyberheistNews