CTRM Center for CTRM Software and ETRM Software

Increasing Role of the Internet Threatened by DDoS Attacks

Last week, a French hosting company experienced the largest Distributed Denial of Service (DDoS) attack ever recorded. The attack was conducted by a botnet composed of at least 150,000 Internet of Things devices and it reached over 1Tbps. In fact, the company was hit by multiple attacks of over 100Gbps, gradually increasing in magnitude until they reached over 1Tbps. This type of attack is not new, but the recurrence of attacks at this level on key Internet infrastructure is leading industry analysts to ask the question, ‘Is someone learning how to take down the Internet?’

DDoS attacks are commonplace, and the energy and utilities industry has certainly been targeted. A recent survey by analyst firm Tripwire of energy, utilities and gas industry IT staff showed that eighty-two percent of the survey respondents said the number of successful attacks against their organizations had increased in the last 12 months. About 53 percent said the rate of cyber attacks, or attacks that were attempted but failed, increased between 50 percent and 100 percent during the same period. At the same time, nearly seven in 10 of the respondents also expressed a lack of confidence in the ability of their organization to detect and manage such attacks.

Worryingly, it is the use of poorly secured Internet of Things devices such as CCTV cameras and DVRs that is allowing whoever is behind such attacks to continue to increase their scale. Some of the recent attacks seem to be orchestrated, starting at certain levels and gradually rising before stopping and then restarting at a higher level. It is almost as if someone is probing the limits of security, defenses and the Internet itself. Recently, in attacks like the one against Cloudflare, attackers have changed their strategy and started targeting key Internet infrastructure that the company was using.


In an industry that is increasingly reliant on the Internet as a technology, these attacks should concern all commodity firms.

What would an extended period of downtime do to your business?

What would happen if the Internet actually went down for a period of time and what would the impact be?

These are increasingly serious questions to ask around all deployments that utilize the Internet. While ComTech doesn’t have the answers, it certainly sees the increase in risk faced by commodity firms. That risk requires all companies utilizing the Internet as a part of their business and/or IT strategy to have plans in place, including a good backup strategy.

As CTRM in the cloud becomes increasingly popular, it is important to note that all of this has an implication for the private cloud. Who are you sharing a server with? Wikileaks recently migrated to the cloud to help make a DDoS attack on it harder, but what if you share a server with such an organization? The French service that was the subject of last week’s DDoS attacks is actually a website, server and cloud hosting company. If the perpetrator had been able to take it down, then it could potentially have taken down millions of websites, servers and cloud services all at the same time. It’s now possible to escalate an attack from just targeting a specific website all the way to targeting a part of the Internet that hosts (provides bandwidth for) the firm that hosts the host of the website.

The biggest issue with DDoS attacks is that you can’t stop them; you can only distribute them. An attack looks like normal traffic, and there’s nothing really that you can do when you’re being attacked other than stop everyone from using the service or increase the bandwidth, which can be extremely costly and doesn’t always work.

A plan is extremely important.

(This article was written with assistance from Andrew Colby.)

 

 
