
That Which Doesn't Kill our Internet Makes us Stronger

By: Niagara Networks, October 27, 2016

Background

I could go on and on talking about the DDoS (distributed denial of service) attack that happened last Thursday. But, if you work in IT, you probably are already weary from being pulled into meetings, or being tasked to write a carefully worded email or prepare some slides for executive row to address the obvious questions, such as: 

  • Did we get hurt?
  • What are we going to do about it?

For many organizations, although it probably isn’t a great career move, the honest answer to both questions is—we’re not sure.

I will come back to that answer; but, as they say, “misery loves company,” so let me tell you my story:


My Story

About a year ago I was sitting in front of my PC at home when, all of a sudden, my Skype window started displaying messages to people in my contacts list.  The messages were all the same, with a shortened URL like the ones that often arrive in SPAM emails.  I quickly realized that my Skype account had been compromised and some Internet bot was sending these messages.  The stream of messages stopped as soon as I changed my Skype password, but by then, the bot had sent links to about 30 contacts.


Searching for clues about how this happened led me to conclude, to my dismay, that my Skype password had indeed been violated.  As I continued to search, I wandered onto a website called https://haveibeenpwned.com/, where you can enter every email address or userid you have ever used, and it will match them with a list of breached cloud services, including high-profile sites like Adobe, MySpace, LinkedIn, and several others in what seems to be an ever-growing list. In my case, although it occurred so long ago I can’t be certain, I figured I must have re-used a password I created over fifteen years ago to buy fonts on Adobe’s website.

I am not the most meticulous person when it comes to passwords, but seriously, how many of you can declare that you haven’t reused a decades-old password?

The point is, even though I have anti-malware software on each of my computers, including the Apple Mac my wife uses, and even though so far, I’ve managed to avoid being the victim of some innocent-looking, yet harmful hyperlink in an email, I unwittingly became an accessory to a cyber-attack on people who, by virtue of a Skype contact exchange, agreed to electronically connect with me. In my defense, I don’t think the Skype barrage caused any real harm, but I still wonder.

And this brings me back to Thursday’s attack on Dyn’s Internet service. In case you didn’t read beyond the headlines, the experts think an enormous number of Internet-connected gadgets, including surveillance cameras, DVRs, and other devices, which had been connected without changing the default passwords, were assimilated by bots in other devices.  The number of infected devices expanded like a fusion reaction, and became carriers of the digital disease that hunted for and infected similar devices.

Ultimately, each device was commanded to send relatively small amounts of packets to a single Internet service, Dyn, with the end result being that collectively, it added up to the largest known attack in the history of digital communications.


Next Steps

Now that you are aware that any device you own could possibly be commandeered to perform cyber harm, it’s time to do your part.  If you own a surveillance camera, a DVR, a baby monitor, a home router, or any other gadget with an Internet connection, and you haven’t changed the default password, locate the instructions for how to perform a hard reset and this time, set a ‘strong’ password.  Pass this advice on to your dentist, your doctor, your accountant, the owner of the corner deli shop, your children, and your parents.

And if your IT organization is still entrusting your enterprise network to a simple firewall, it’s time to investigate the new hybrid approaches to enterprise security that combine an inline visibility controller with security and monitoring appliances from multiple vendors, so that individual devices can be taken offline to be upgraded or serviced without full redundancy or shutting down the network connection.

But most of all, stay calm and don’t worry. We can help you sort it all out.

Contact us today.