Unless you live completely off the grid, you likely were aware of the major DDoS attack on the servers of global DNS host Dyn yesterday. The mass hacking incident affected Twitter, Netflix, Spotify, PayPal and news sites from the New York Times to Fox. John touched on the story last night with specific attention to the fact that “supporters of Wikileaks” were taking credit for it. That may or may not be true (people falsely take credit for such things all the time) but this story should have people on edge far more than what I’m seeing in cable news coverage this morning. Dyn issued a status update overnight saying that the incident had been resolved, but some of the geeks at Gizmodo are describing this as what is likely only the beginning of a very bleak future.
Recently, we’ve entered into a new DDoS paradigm. As security blogger Brian Krebs notes, the newfound ability to hijack insecure internet of things devices and turn them into a massive DDoS army has contributed to an uptick in the size and scale of recent DDoS attacks. (We’re not sure if an IoT botnet was what took down Dyn this morning, but it would be a pretty good guess.)
We are nevertheless getting a taste of what the new era of DDoS attacks looks like, however.
I’ve written about this here before and it seems to come down to The Internet of Things. If you happened to miss this relatively recent development, we have a whole new layer of the web which is used exclusively by devices speaking to other devices independent of direct human control. These include everything from your DVR and cable box to newer models of refrigerators, toasters, cameras, wireless routers and even your car. I’ve joked in the past about this being the eventual path to SKYNET becoming self-aware, but this collection of tens of millions of comparatively stupid devices hooked to the web was likely enslaved by hackers to act like an army of internet zombies attacking Dyn’s DNS servers. And they could do it again.
So what’s the potential danger of this? For starters, some analysts are already wondering if yesterday wasn’t just a dry run for a major attack on election day. (Election Law Blog)
Suppose this is Russia or another foreign or domestic actor intent on disrupting our elections, and suppose the next attack presents a greater series of outages. Here’s the kind of stuff that could potentially be disrupted on Election Day:
- Emails, messages, and telephone calls (over VOIP, at least) to and from election officials and volunteers dealing with problems at polling places that inevitably pop up (ballot problems, polling place problems)
- Voters obtaining correct information on where and when to vote, and polling place problems
- Accurate journalistic reports of voting, vote totals, problems at the polls
- Law enforcement activities that may be necessary if there are acts of voter intimidation or other problems
- Lots of everyday other features of daily life, from electricity, to traffic control, to emergency services, and to the rest of what is connected to the internet grid
The fact is that we’ve embedded internet technology in every aspect of modern existence. And while advances continue at a breakneck pace, it’s always easier to destroy than create. (That’s a rule as old as civilization.) People wishing to attack the web infrastructure remain able to do so with abandon if they have a few folks with the brains and some surprisingly easy-to-acquire resources. And we’re not just talking about the timely and accurate reporting of election results here. You might think that our banking institutions and defense facilities are safer than the ones being cracked into this week, but that’s only true to a point.
On the same day that this attack was taking place, tens of millions of debit cards were hacked in India. A teenager hacked into the International Space Station computers at NASA. Somebody even hacked the Hubble Telescope. How many shots across the bow do we really need here? If we’re going to rely this heavily on “the cloud” and distributed data and devices for every aspect of our lives, we need to be able to either defend the system more effectively or at least be able to shut it down and divert to some back-up model on a moment’s notice. The Dyn hack yesterday should be more than a wake-up call… it’s a blaring alarm going off.