OK, so the headline is a bit misleading, but in case you haven’t heard, there was a DNS attack this morning that left a lot of major sites gasping for breath. If you want to read more about the specific attack, Gizmodo has a great rundown on it.
In this article I want to discuss specifically what a DDoS attack (the type of attack we saw this morning) is, why it’s so dangerous, and what you can do to stop it. We’ve talked about digital security before, but we didn’t discuss this aspect, nor how you may unknowingly become an accomplice to it.
DDOS? WHAT THE WHAT?
A DDoS is a distributed denial of service attack. Essentially, a flurry of nonsense data is sent at a specific website or server at a rate too high for that server to handle, in the best case slowing that server down and in the worst case choking it to death. This can be accomplished a few ways, but the most common is a botnet, where an unscrupulous individual or group has taken control of several machines (often without the authorized users of those machines knowing it) and uses them as a network of bots (hence the name) to send massive amounts of data to a single target. This method allows the individual or group to send large amounts of data at once without overloading their own internet connection or the connection of the bots, which is why it often goes unnoticed by the bot users while it’s happening.
What makes this so dangerous? Well, as mentioned, this method can be used to take websites offline, or ANY machine that is connected to the internet. While you may not realize it, there are a lot of important things connected to the internet, like ATMs, power systems, factories, security systems, etc. And this type of attack doesn’t necessarily rely on any specific type of target; basically, if there’s an internet connection the attack can be made. There are mitigation techniques, but they can only do so much. We saw an example of their limits with the attacks made this morning. Instead of a single site being targeted, one of the backbones of the internet (a server that routes traffic) was attacked, and as a result several sites cannot be reached because of one downed system. The internet is fragile, and if you ever study the protocols behind it you’ll realize that. This attack is dead simple to pull off and can have devastating effects.
STOP IT? HOW CAN I HELP?
How can you stop these types of attacks? Well, first let’s discuss one more reason why the attack is so dangerous. I mentioned it already, but ultimately any machine you have connected to the internet could become a bot and help in this attack, and with the distributed nature of the attack you might not even realize your machine is taking part. It could be happening right now, and you might not have any clue. When the internet was just starting to grow, the limited number of people with the technical skill and the number of PCs actively connected to the internet made the potential size of a botnet pretty small. But as we’ve moved to an always-connected, smartphone-driven internet, we’ve seen the potential go from 1 or fewer devices per home to 3 or 4 devices per home. And as we move into a world where our fridges, washers, dryers, security systems, HVAC, pianos, beds, pillows, alarm clocks, sinks, cats, etc. all become connected (the so-called “Internet of Things”), the potential size of a botnet is growing exponentially, and pulling it off is becoming easier and easier. Basically anyone could do it if they wanted to spend a couple hours learning how. Also, many of the companies who are making these IoT things aren’t worried about them being hacked and are sacrificing decent security for cost and ease of use.
This unfortunately means many of us can become unwitting accomplices in these attacks, regardless of who’s committing them. While you may not be criminally liable, you should still act to mitigate these things, and if we all act to prevent our machines from becoming victims of botnets then these attacks can be largely, but not completely, stopped. So how do you do that?
Use virus scanners and malware scanners. Get a good router, and don’t download anything or click on anything you can’t trust. Also, ask yourself if you really need a washer that will tweet you when your whites are done, because the fewer objects you have to secure, the easier it’ll be for you to secure them and secure them well.
So what do you think? Is this a state-sponsored attack? Do you think the hyper-connectivity of today’s world is worth the risk? Let us know in the comments below.