DoS - SOS!

Something's wrong, and it isn't just politics!

In this case, it's the Internet.

Massive DoS attacks have taken place in the last few days - so if your computer, more specifically your internet connection - has been acting oddly, or you haven't been able to access certain sites or activities, it's not you. It's them.

A DoS is a "denial of service" attack. Such attacks have been used at various times, typically aimed at a particular organization or corporation. Using bots and even coordinated efforts of many people and machines, a target service is flooded with demands for response to the extent that the targeted service or server can't keep up with it and can eventually grind to a halt altogether.

Why would you do this? There are probably many specific reasons, but the two main categories: a specific attack on a target, and the more alarming one - which appears to be happening recently - a more generalized attempt to disrupt the Internet.

As reported in the NY Times: "Major websites were inaccessible to people across wide swaths of the United States on Friday after a company that manages crucial parts of the internet’s infrastructure said it was under attack.

"Users reported sporadic problems reaching several websites, including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.

 "The company, Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m. Reports that many sites were inaccessible started on the East Coast, but spread westward in three waves as the day wore on and into the evening.

"And in a troubling development, the attack appears to have relied on hundreds of thousands of internet-connected devices like cameras, baby monitors and home routers that have been infected — without their owners’ knowledge — with software that allows hackers to command them to flood a target with overwhelming traffic.

"A spokeswoman said the Federal Bureau of Investigation and the Department of Homeland Security were looking into the incident and all potential causes, including criminal activity and a nation-state attack."

Why does this matter, other than its annoyance factor?

While the specific sites that were difficult or impossible to reach weren't, in this case, of life-threatening significance, there are a couple of things that signal potential danger:
- first that the attacks appear to be, as reported in WIRED, in an interview with Dyn, a "'very sophisticated and complex attack."'
- second, it appears that the attacks are on-going
- third, while DoS attacks are nothing new, and companies like Dyn see them regularly, this event was big enough to involve many, many more targets and significantly more users
- finally, a DoS attack of this magnitutde aimed at services like financial, government, healthcare, or other essential services could create real havoc in one or more sectors of our society.

What can you do? Really, nothing much other than follow the protocols stressed over and over when venturing into the cyber world:
- use solid passwords and change them frequently
- use good virus and malware software and keep it updated
- watch for anything that appears suspicious on your computer
- some security experts even recommend turning off your computer and unplugging it when you're planning to be gone for any length of time.

Comments

Popular Posts