Why we are all responsible for security, and preventing DDOS
Today, we saw a widespread DDOS attack, introducing many to such an attack for the first time. Most gamers recognize such attacks from release days on PlayStation Network or Xbox Live, but the average internet consumer is unaware that such attacks occur. You may recall that DOS attacks were common in the early 2000s, with sites such as Yahoo, eBay, and Microsoft being the targets of nefarious ne’er-do-wells highlighting their skills.
Before we discuss the implications of this attack, we need to define a few critical terms that you may be unfamiliar with:
- DNS (Domain Name System) is a way to map a common name (mattpieper.com) to its corresponding IP address (184.108.40.206), so that traffic knows where to go.
- An IP address is a numeric label for every device on a network. Think of it as a numerical address on a street, showing you where to go.
- A DNS provider hosts the servers that route requests from end users to the hosted web application. It is like using a phone book to look up the address of a person or business.
- A DDOS (Distributed Denial of Service) attack comes in a variety of flavors, but the overall theme is to overwhelm a server so that it can no longer process information. Typically, a DDOS attack utilizes malware spread across multiple devices to create a network effect targeting a server, with the end user often not knowing their device is conducting malicious activity.
In this case, a DDOS attack overwhelmed one of the leading DNS providers, halting name resolution for every domain it serves. Due to the nature of this type of attack, the affected applications (e.g., Box, Netflix, Shopify) and their related servers have not been breached; they simply cannot be found. Think of a phone book with the page you need ripped out: you know the name of the person you are looking for, but do not know where they reside.
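The dependency described above can be checked for your own domains. The following Python is an added example, not part of the original post: it takes a constructed table of domains and their delegated nameservers and reports which domains would become unfindable if a single DNS provider went down. All domain and provider names are made up, and the rule that a provider is identified by the last two labels of the nameserver's host name is an assumption.

```python
# Constructed sample data: each domain and the nameservers it is delegated to.
# Every name below is invented for illustration.
DELEGATIONS = {
    "shop.example": ["ns1.dnsprovider-a.test", "ns2.dnsprovider-a.test"],
    "video.example": ["ns1.dnsprovider-a.test", "ns3.dnsprovider-a.test"],
    "files.example": ["ns1.dnsprovider-a.test", "ns1.dnsprovider-b.test"],
    "blog.example": ["ns1.dnsprovider-c.test", "ns2.dnsprovider-c.test"],
}


def provider_of(nameserver):
    """Assumption: the provider is the last two labels of the nameserver name."""
    labels = nameserver.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def providers_for(nameservers):
    """Set of distinct providers behind a domain's nameservers."""
    return {provider_of(ns) for ns in nameservers}


def unresolvable_if_down(delegations, provider):
    """Domains whose every nameserver belongs to the provider that is down."""
    return sorted(
        domain
        for domain, nameservers in delegations.items()
        if providers_for(nameservers) == {provider}
    )


def single_provider_domains(delegations):
    """Map each provider to the domains that depend on it alone."""
    report = {}
    for domain, nameservers in delegations.items():
        providers = providers_for(nameservers)
        if len(providers) == 1:
            report.setdefault(next(iter(providers)), []).append(domain)
    return {provider: sorted(domains) for provider, domains in report.items()}


if __name__ == "__main__":
    for provider, domains in sorted(single_provider_domains(DELEGATIONS).items()):
        print(f"{provider} is the sole DNS provider for: {', '.join(domains)}")
    print("Unfindable if dnsprovider-a.test is down:",
          unresolvable_if_down(DELEGATIONS, "dnsprovider-a.test"))
```

In the sample data, files.example stays findable during an outage of provider A because one of its nameservers is hosted elsewhere.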
DDOS attacks are common, but usually not at this scale. Typically, attackers pick one service or site that they do not agree with, such as Anonymous's declaration against Scientology. Recently, exposures in IoT devices have highlighted a way for malware to infect these devices, creating an even larger network to leverage. The common assumption is that this attack stems from open-sourced malware that uses IoT devices to make millions of requests to the Dyn servers, rendering them useless.
It is safe to assume at this time – unless this attack was a distraction – that all client data is safe. If you are a business user, your impact is probably small. Critical business applications are more than likely inaccessible, but safe. Personal users will face the frustration of not being able to check out products on certain sites, or listen to music.
This attack highlights a critical issue: the internet is an important part of our everyday lives, but we tend to take it for granted. Other important infrastructure, such as the electrical grid, is secured, but attacking one company can bring most of the internet to a halt.
We must continue educating ourselves and ensuring that our individual devices are protected. The cost of antivirus and other intrusion detection platforms must be dropped. Last, new products need to be protected: while the IoT trend has produced many a benefit, it has also exposed us to a potential for great harm.