Friday, October 21, 2016. A massive DDoS (Distributed Denial of Service) attack has crippled the internet in an unprecedented way. The goal of this DDoS attack was not merely to impact one company by flooding its servers with more requests than they can handle. This time, the DNS (Domain Name System) was the target. DNS translates domain names (for instance, www.digitaltransformationblog.com) into IP addresses. The internet does not communicate with names, but rather with IP addresses like 220.127.116.11.
Crippling the DNS makes it impossible for browsers to reach the websites of thousands of companies. In this case, Dyn was the target. Dyn plays a critical role in the internet’s infrastructure. When its system was attacked, many major sites were affected, including Netflix, Twitter, Spotify, Reddit, Amazon, CNN, PayPal, Pinterest, and Fox News – as well as newspapers like the Guardian, New York Times, and Wall Street Journal. It is unclear whether there was an impact on cloud services or industrial applications.
Impact of the DDoS attack. Source: Wikipedia
DDoS will become more common in the future
In a distributed DoS attack, it is not a single device that attacks a server or system; instead, a huge number of devices are remotely coordinated to attack one or more targets. Dyn states in its Analysis Summary Of Friday October 21 Attack:
“This attack has opened up an important conversation about internet security and volatility. Not only has it highlighted vulnerabilities in the security of “internet of Things” (IOT) devices that need to be addressed, but it has also sparked further dialogue in the internet infrastructure community about the future of the internet.”
Indeed, it became evident that poorly secured IoT devices had become part of a so-called botnet. Brian Krebs, an independent security researcher, wrote on October 1st in his blog that the source code to the Mirai botnet had been released by a hacker group, “virtually guaranteeing that the internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders, and other easily hackable devices”.
When we talk about Digital Transformation (DX), we need to understand that its basis is the internet. No Digital Transformation would ever be possible without the internet. When I was talking with CIO colleagues recently at the CIO Summit in Dublin, their major concern was a reliable internet connection for their cloud solutions. If the internet connection breaks, nobody will be able to access the cloud-hosted software anymore.
It is obvious that a redundant internet connection is not too difficult to achieve. We can provide backup scenarios that include 4G communication. We can even send people to work from their private homes using their private internet connections. In case of a massive attack like the one we had on Friday, October 21st, none of this will help.
The Internet of Things Must Mature
Let me be clear about it: the industry did not do its homework. Let me give you an example.
New technology is penetrating most of our lives. DVD players, printers, routers, smart home devices, webcams, and so on can be found in millions of homes these days. They often come with poor software and even poorer security. And users don’t bother changing the preset password to a safe one. They are also unaware that many of these devices are directly connected to the internet. This means they can be accessed from anywhere in the world. For example, you may want to heat your home with a smart thermostat from the airport on your way home. This is convenient, and can be achieved by simply choosing the desired temperature on your smartphone. It also helps to preserve the environment.
But devices that are exposed to the internet are a welcome target for hackers. They find that the software is not well designed, that users don’t typically bother changing passwords, and that the devices are online 24/7. This is what happened on Friday, October 21st. Thousands of infected IoT devices, which were waiting for the command to strike, received it and attacked Dyn.
It seems we are running into a Catch-22 situation. Digitalization, IoT, cloud services, and many more services use the internet. They rely on the internet. At the same time, exactly these devices lead to a situation that makes the internet much more vulnerable. The more internet technology we use to ease our lives, the more this entire system is at stake.
This is what we need to consider:
- Manufacturers of internet-connected devices, especially for end users, must invest much more in security. They have to make sure that their devices provide a reasonable level of security from the very beginning. The minimum step must be that each device is shipped with a unique strong password. It will make the devices more expensive, but this is crucial.
- Customers need to gain more awareness regarding IT security. Understanding that a standard password can allow literally everyone in the world to access your home is essential. We can’t allow ourselves to think nothing will happen. We are in a situation where a lot of people lose faith in modern technology. And they have a good reason for that. But being credulous is not good either.
Considering the situation, it is safe to assume that more severe attacks will follow. There is too little awareness of IT security on the customer’s and the manufacturer’s side alike. Companies and administrations must act now. Raising awareness on the customer’s side is a difficult task. Many customers just don’t have the knowledge. They rely on the manufacturer’s promise of Plug and Play devices that just work.
The consumption of internet technologies has outpaced our attention to increased security. This must be rebalanced. Otherwise, the risk of doing harm outweighs the potential benefits of Digital Transformation.
The purpose of this blog is to start a discussion. Please leave your comments, whether you agree or disagree. I hope to hear from you!