Tue 15 Nov 2016 09:23 AM

A flash of Genius - DarkMatter media alert

On November 4, 2016 it was reported that the entire internet infrastructure of the African nation of Liberia had been knocked off-line after it was targeted by hackers using the same weapon that caused the largest cyber attack in history only last month.

The attack on Dynamic Network Services Inc. (Dyn), a New Hampshire-based Domain Name System (DNS) provider, on October 21 was a massive distributed denial of service (DDoS) incident. This type of attack is not new, and is based on standard techniques where a network of infected computers – a botnet – is directed to bombard its target with traffic, overloading its servers.

The weapon used in the October attack, the Mirai botnet, was particularly effective because it harnessed infected, internet-connected devices, or so-called ‘Internet of Things’ devices, which, ominously from an expanding cyber threat landscape standpoint, are finding their way into more households around the world.

The same weapon has reportedly been used over the past seven days in continued attacks on the West African nation of Liberia, where two companies that co-own the only fibre going into the country are being targeted. During the attacks websites inside the country are rendered unavailable.

At this stage it is unknown who is wielding the Mirai botnet against Liberia, or whether it is a state actor or independent hackers.

DarkMatter commentary and recommendations

The attack on Dyn last month already raised a number of serious concerns regarding the evolution of DDoS attacks, and the massive real-life consequences of them given the increasing inter-connectivity in a rapidly digitising world.

This latest incident raises alarm even further given:

  1. The national level impact of the attack on Liberia, which could affect the functioning of critical national infrastructure, which could in turn have devastating real-life consequences, even resulting in the loss of life.
  2. The particular Mirai botnet that is attacking Liberia, officially named Botnet 14 14, has a Twitter account, and is open source, meaning it can be and is being shared, and anyone with the requisite technical skill can use it.
  3. DDoS attacks are successfully targeting connected devices with lower cyber security postures to gain access to high-value networks and targets, with severe consequences.

Given the relentless rise of the Internet of Things (IoT), and the fact that the very devices that are being hacked to orchestrate these types of incidents are the same ones finding their way into our lives at an ever-expanding rate, the cascading effects of this latest attack have implications at every level of digital transformation.

We have previously predicted that the rise of IoT will prompt similar attacks in the future as inadequately secured IoT devices will continue to be an engine to facilitate breaches.

Protecting digital environments in the age of the IoT and ultimately IoE (Internet of Everything) requires adopting a holistic approach to cyber security: setting rigorous standards, adding active monitoring capabilities to networks, hardening devices at the point of manufacture and updating anti-malware software regularly. Most importantly, it means adopting a mind-set that perpetually considers the cyber risks that individuals and entities are exposed to.

As gatekeepers to ubiquitous access to the internet, Dyn and other internet service providers (ISPs) like it have a heightened responsibility to continuously stress test their networks against the variety of attacks that could target them, employing active cyber defence capabilities that provide comprehensive, proactive responses to potential threats.

ISPs and other entities need to understand their cyber risk profile ahead of initiating a cyber security management and mitigation exercise, which would help them understand all of their digital assets, the full range of threats they may face and the vulnerabilities. This information would inform the implementation of a cyber security programme based on the Cyber Security Life-Cycle, which involves planning, detection, protection, and recovery of digital assets, underpinned by real-time monitoring of networks for anomalous behaviour.

We believe cyber security isn’t something to be provided to a specific location or organisation. It ought to be present and resilient in any and every digital environment.
