On 4 November 2016 a large-scale distributed denial of service (DDoS) attack took out web access across Liberia. This followed a 21 October attack on Dynamic Network Services Inc., (Dyn), a New Hampshire-based Domain Name Server (DNS), which DarkMatter called the largest cyberattack in history.
This type of attack is not new and is based on the standard technique of using a network of infected computers called a botnet, according to DarkMatter.
Harshul Joshi is Senior Vice President of Cyber Governance, Risk and Compliance at DarkMatter, said that the weapon used in the October Dyn attack, the Mirai botnet, was particularly effective because it harnessed infected, internet-connected devices, or so-called ‘Internet of Things’ devices, which, ominously from an expanding cyber threat landscape standpoint, are finding their way into more households around the world.
The same weapon was reportedly used for several days in continued attacks on Liberia, where two companies that co-own the only fibre going into the country are being targeted. During the attacks, websites inside the country are rendered unavailable, Joshi said, adding that at this stage it is unknown who is behind the Liberia attacks.
Serious concerns raised from the recent DDOS attack
The attack on Dyn last month already raised a number of serious concerns regarding the evolution of DDoS attacks, and their massive real-life consequences given the increasing interconnectivity in a rapidly digitising world, Joshi said.
“Given the relentless rise of the Internet of Things (IoT), and the fact that the very devices that are being hacked to orchestrate these types of incidents are the same ones finding their way into our lives at an ever-expanding rate, the cascading effects of this latest attack have implications at every level of digital transformation,” he said.
“[DarkMatter has] previously predicted that the rise of IoT will prompt similar attacks in the future as inadequately secured IoT devices will continue to be an engine to facilitate breaches,” Joshi continued, addingthat protecting digital environments today requires new regulations that penalise the vendors flooding the market with insecure devices.
It is far harder, if not impossible, to attempt to dissuade the threat actors from pursuing their chosen course of action;
and it is not an ideal scenario to look to manage the effects of an attack after it has already occurred. The area in which the greatest pressure can be brought to bear in order for a more robust cyber security position to proliferate in IoT environments is at the device level, and more specifically the manufacturers of those devices,” Joshi argued. He noted that at present there is no regulation or standardisation requiring a base-line security standard for IoT, meaning there is little incentive to make device manufacturers meet any minimum criteria of security, as there are few, if any commercial repercussions for not having done so outside of successful third-party litigation.
“For as long as device manufacturers are removed from the negative financial and logistical impacts triggered by the compromise of poorly secured devices, we will continue to count the escalating costs of botnet attacks through IoT devices,” Joshi said.
- “We believe minimum cyber security levels should not be an optional feature for IoT device manufacturers, but rather there should be mandatory standards and controls introduced, and high commercial sanction to the vendors that fall short of them, given that such oversights jeopardise the security of the digital eco-system for all connected stakeholders,” he concluded.
- Source: CPI Financial