When the internet is under attack

Cyber terrorism, cyber warfare, cyber vandalism, cyber crime, are all now part of the lexicon. In an age where everything is connected to everything else, cyber security is as equally multi-layered but businesses are not staying cyber safe.

October is Cyber Security Awareness Month, and to end in a celebratory fashion, Dyn, a DNS service provider, was attacked on Friday, Oct. 21. It was an example of the dark side of the Internet of Things, where smart appliances, including webcams and DVRs, were infected with malware to distribute a massive denial of service attack.

The incident affected more than 1,000 websites including Twitter, Reddit, Netflix, major media outlets and government entities as tens of millions of IP addresses were used to flood the target.

The FBI confirmed to the Journal that it is aware of the attack and investigating all potential causes. Flashpoint, a security firm working with Dyn and law enforcement, has identified the Mirai botnet as being partly responsible. Additional analysis is ongoing.

Does this portend a dry run in advance of a second, larger event before or on Election Day?

“We cannot speculate on their motives or when the next attack will happen,” said Flashpoint via e-mail.  “We just had a record-breaking attack on Krebs on Security 2-3 weeks ago. Now we’re having another attack that was huge. So we can clearly see that these attacks are getting bigger and closer together, and we don’t see any indication that they will stop any time soon.”

The Department of Homeland Security did not have any details to share about who the culprit may be, but did say in a statement released Oct. 24 that it is “working to develop a set of strategic principles for securing the Internet of Things.”

In the meantime, a group called New World Hackers has claimed responsibility in a cryptic tweet, alluding to future events yet threatening to retire from the hacking business. The group’s involvement has not been verified by Flashpoint or any agency for that matter.

Widespread web

Dyn is just one provider of internet traffic monitoring and performance services. The company does not host websites or own wireless infrastructure, yet an attack on the company affected its clients, and in turn, millions of users did not have access to various sites.

While such users may have missed seeing their favorite social media feeds for a few hours, companies have other worries: the serious risks to their business.

“A cyberattack can cripple America’s infrastructure and economy,” said Steve Kahan, CMO, Thycotic, in an interview with the Journal. Thycotic is a Washington, D.C.-based security solutions provider with clients around the world, including several in Anchorage.

Kahan said cyberattacks are the most immediate danger to the country, and one would “have to be hiding under a rock” to not be aware of the numerous incidents in recent years. Just turn on the television or turn the page of a newspaper to see the latest event and its implications, he said.

And companies are rightfully concerned. But are they doing anything about it?

At the 2016 RSA Conference held earlier this year in San Francisco, where more than 40,000 gathered, Thycotic surveyed attendees. Ninety-two percent of respondents believed that U.S. companies need more security and alarmingly, 63 percent believed a catastrophic cyberattack on the country was possible within one year.

So while the goal of Cyber Security Awareness Month is important, Kahan said, it’s actually more important to take protective measures or face severe consequences.

Stephanie Prokop can be reached at stephanie.prokop@alaskajournal.com.

Updated: 
11/06/2016 - 10:46am