The two favorite expressions of information security experts in recent years are “cyber” and “APT” (short for Advanced Persistent Threat). The terms have moved from the world of the technical cognoscenti to the geopolitical sphere of malware like Stuxnet and Flame, and organizations like the National Security Agency and Mossad.
DDoS (Distributed Denial-of-Service Attack), which is used to crash websites, is very far from this world. So far, it is usually mentioned in connection with monetized web services or much less impressive groups, like pro-Palestinian activists under the brand Anonymous. Every April, they promise they’ll wipe Israel off the internet, and make do with damaging or temporarily crashing a few negligible sites.
The world of Stuxnet and its ilk usually involves groups of experts working hard to find vulnerabilities and to create multi-tool, complex programs that can hack into advanced systems to extract information or cause damage without anyone noticing that they’re there. If these are the unmanned drones of the cyber world, DDoS is the sledgehammer – a blunt object that smashes everything in sight.
Pour in enough data to block communication with a server, or to bring down the internet application it runs, and you’ve done the job. Some of these attacks might use quite sophisticated methods, for good or for bad, but that’s the end of the story. For good, because many firms have developed ways to deal with the problem. And for bad because, ultimately, if the attacker concentrates enough firepower, even the most advanced methods will crash.
On Friday, DDoS was center stage again and proved that even a sledgehammer can be a significant weapon in a world where all services have moved to the web – especially if used at the right time and powerfully enough.
Although it is still unclear what exactly was behind the cyberattack on the domain name system of the web traffic company Dyn, it’s clear that this was no ordinary attack. The newest element is the use of a malware program called Mirai, which hacks into products belonging to the Internet of Things – like webcams, and various gadgets in smart homes – to infect them with a virus. That virus turned electronic objects into “zombies” that were used to distribute data in the service of the hackers.
Here we come back to the old axiom of the internet: every time companies try to link up another world of products to the web, security always takes a back seat for some reason. This is precisely what happened about a decade ago with the world of remote control and monitoring, and in the case of Stuxnet. That is how the same basic problems that have brought down organizations in the past pop up again. In the case of Mirai, it involved exploiting products with factory-set passwords that can’t be changed.
The problem is that the Internet of Things is much greater than the world of ordinary computers, and is expected to grow in coming years. The great variety of devices and the lack of awareness of the dangers can be conveniently exploited by hackers. If this time they scared us that they were peeking at us through webcams, the hackers have now learned to exploit the computing power of gadgets for DDoS. Tomorrow, hackers could use it for ransom programs or other viruses, and security companies will once again find themselves a step behind in this endless arms race.