Tech Tuesday: Three Months of DDoS Attacks

daoleduc/daoleduc


Maybe you are well aware of what a DDoS, or Distributed Denial of Service, attack is, but let’s give a brief review of exactly what is entailed when something like this happens. Hackers seek out vulnerable computers or digital networks and recruit them in what could be best described as a “virtual press gang” that now answers to the one hacker. When given the command, this rogue network sends out simultaneous requests, usually trivial ones, to a target network—a website or an online service like Twitter or Facebook—and overloads the system, shutting down access to that particular service. Picture a DDoS like the early morning of Black Friday: a group of rabid bargain hunters gathers in front of a business’ door, blocking the only way in when the doors are unlocked and the business is open. Customers are denied access and must either be patient and wait for crowds to die down, or go elsewhere to find what they need.

Now that you know what a DDoS is, let’s take a look at how serious a threat these tactics are.

In September, an incredibly coordinated attack was carried out on the cybersecurity resource KrebsOnSecurity.com, hosted by security journalist Brian Krebs. His blog had been targeted by attackers using an impressive recruitment of Internet of Things (IoT) devices such as IP cameras, digital video recorders and other easily hackable devices. Akamai, the company that protects sites like KrebsOnSecurity from such attacks, reported that this particular DDoS attack was nearly double the size of any seen before that time. This DDoS, at 620 Gbps, was also considered one of the biggest assaults the Internet has ever witnessed.

The attack against KrebsOnSecurity.com was impressive in its size, but October saw DNS provider Dyn hit with a DDoS attack that crippled many high-profile, high-traffic websites. This particular attack temporarily disrupted service to a wide variety of Dyn customers, including Okta, CNN, Pinterest, Reddit, and Twitter. The attacks came in bursts of traffic nearly fifty times the size of the normal flows and malicious traffic that Dyn’s mitigation measures are accustomed to handling. This sudden traffic congestion triggered automatic attempts to retry access, in turn generating even more traffic and congestion. This particular DDoS attack, in its volume of traffic, generated close to twenty times the normal DNS traffic on account of malicious and legitimate retries.

Now we reach November.

On the heels of compromised IoT devices and larger-scale attacks against higher-profile targets, hackers employed the DDoS tactic to undermine the entire Internet infrastructure of the African nation of Liberia. Using strategies similar to those seen in October, they brought Liberia’s Internet to a halt. The DDoS attack was powered by the Mirai botnet, an open source program released on the Internet that, by design, seeks out and hijacks IoT devices. These hackers took down two fiber optic companies providing the only connection Liberia had with the outside world. When they brought these two companies down, Liberia’s Internet collapsed.

Think about that for a moment. Your car, your thermostat, your refrigerator, and your electric smoker, all recruited in a cybercrime that could potentially make a nation go dark. It can happen. It is a possibility.

According to the experts, DDoS attacks have always been a tactic hackers have utilized. Attacks using IoT botnets in concert with malware may all appear to be cutting-edge tactics, but IoT botnets have been around since the days of Linux home routers, DVRs and CCTV cameras. However, IoT now offers hackers easy access to unprotected networks. Imperva’s security group research manager Ben Herzberg calls 2016 “…a transition year…” for cybercriminals. Experts estimate the volume of DDoS attacks over 100 Gbps between 2015 and 2016. DDoS, once upon a time, required sophisticated skills; but with the IoT offering so many resources and so many access points, DDoS attacks can now be done by or at the behest of people with low to no hacking ability.

With more players in the game now, more resources on call, and better tools at their disposal, we’re going to see more and more of these cyberattacks. Unless something dramatically changes in the way of IoT security—and remember, we are creatures of comfort and convenience—we’ve got a rocky road ahead, and we’re going to have to deal with it.

 


 

A research physicist who has become an entrepreneur and educational leader, and an expert on competency-based education, critical thinking in the classroom, curriculum development, and education management, Dr. Richard Shurtz is the president and chief executive officer of Stratford University. He has published over 30 technical publications, holds 15 patents, and is host of the weekly radio show, Tech Talk. A noted expert on competency-based education, Dr. Shurtz has conducted numerous workshops and seminars for educators in Jamaica, Egypt, India, and China, and has established academic partnerships in China, India, Sri Lanka, Kurdistan, Malaysia, and Canada.