Largest DDoS Attack in History Emphasizes Importance of Cybersecurity Sharing
On October 21, multiple companies throughout Europe were hit with what has since come to be considered the largest DDoS attack in history. The coordinated effort, with a still unknown source, has emphasized, yet again, the increasing importance of cybersecurity to corporate business interests. One thing it highlighted even further was the critical nature of information sharing and cyber threat intelligence sources in an increasingly complex online world. Learning from how this DDoS attack hit companies (which included well-known names such as Netflix, CNN, Twitter, and The Guardian), and how they were able to recover as quickly as possible, will be key knowledge for the business community going forward. This is information that needs to be disseminated as widely as possible.
A DDoS attack is a very particular form of Internet take down, wherein servers are overwhelmed by a giant spike in maliciously focused traffic. Essentially, over time, a certain malware gets into many thousands of computers worldwide (corporate and private), and without the knowledge of the user, is activated at a given time and directed at a target company's servers. This random cyber-attack can catch even well-protected websites and servers off-guard and can often lead to disruption of service. Of course, this has a direct monetary effect on any corporate organization; both in the time spent restoring services and the loss of revenue due to the lack of access.
What made the cyber-attack of October 21 noteworthy and worrisome was that it was one of the first of its kind to incorporate IoT (an acronym for the Internet of Things) into a DDoS botnet. Put simply: it wasn't just unwitting computers that focused on the servers of these companies, but anything even remotely connected to the web. Cameras, cars, DVR players, phones; in the modern world, a device that falls under the banner of IoT is basically limitless. This allowed the Mirai botnet used to be massive in scope and the attack to be powerful on an unprecedented level.
David Fidler, who is an adjunct senior fellow for cybersecurity at the Council on Foreign Relations, put the stakes and terms of the October 21 attack bluntly: "We have a serious problem with the cyber insecurity of IoT devices and no real strategy to combat it." Going forward, this requires a better use of cyber threat intelligence sources and a better pooling of knowledge amongst the business community. Industry leaders and IT heads will need to work cooperatively to think of better ways to both combat and recover from future DDoS attacks. Platforms, such as NC4's Cyber Threat Exchange (CTX), that facilitate the sharing of information quickly, will be at a premium. For more information, e-mail us at info@NC4.com, or continue to browse our site for additional details.
Thanks for contacting NC4! A member of our team will be in touch with you shortly.