A massive cyberattack recently took whole sections of the Internet offline and some experts have signaled that this could be a sign of large-scale hacks that could become more prevalent in the future.
We are aware of the ongoing service interruption of our Managed DNS network. For more information visit our status page.— Dyn (@Dyn) October 21, 2016
It is reported that hacktivists targeted a company called Dyn which provides Internet domain services for hundreds of major service websites such as Twitter, Netflix, Spotify, Amazon and Reddit.
A distributed denial of service attack (DDoS) is the term that describes what occurred. This is where hackers use multiple computers or devices to flood a target website, or as in this case, their domain provider — with so much traffic that the server can no longer handle normal operations. It's basically the virtual equivalent of mass-scale trespassing, causing highly damaging disruption to services.
Dr. Jessica Barker is an independent consultant and UK-based public speaker who specializes in the human side of cybersecurity.
"A DDoS is not a technically sophisticated attack but can have a big impact on organizations and on people trying to access websites and online services. Taking a website offline can affect an organization's profits and reputation and can cause such disruption that it gets a lot of media attention, as we saw with the Dyn DDoS recently. It is this aspect that makes it an attractive technique for hacktivists who want to raise awareness of their political or ideological cause," Dr. Barker told Sputnik.
UPDATE: Dyn Analysis Summary of Friday October 21 Attack: https://t.co/k9HhZEHeWu— Dyn (@Dyn) October 26, 2016
But surely a company as big as Dyn would have systems in place to protect itself and its high-profile clients.
"A range of systems are certainly implemented by companies who know how damaging a major disruption to their services can be. But in order to better protect themselves from DDoS attacks, organizations need to consider the resilience of their websites and online services," Dr Barker added.
Dr. Barker, who is also the founder of cybersecurity news website cyber.co.uk, told Sputnik that even individuals must do their part to protect themselves as well as their companies from a cyberattack.
"A malicious DDoS is made possible by the use of a botnet, which is a network of Internet-connected devices that have been infected with malware and usually without the device users knowledge. So, protecting both your personal devices and work based devices from being infected with malware is really important. For example, this means always being careful of the links you click on and any attachments you download in your emails." she said.
In Dyn's official statement about their recent service outage, the company mentions that they identified as many as tens of millions of IP addresses in the recent assault. Those responsible for the attack have yet to be identified.
As the sophistication of techniques adopted by online hacktivists are sure to get more complex for big business to be fully protected from, it emphasizes the need for a different response strategy, which won't be cheap.
But if the recent disruptions are just an early indication, it may be money well-spent in terms of prevention as opposed to having to deal with the consequences.