Black Friday for Major Websites! What Happened?
By now, everybody must have heard about the major cyber-attack on the East Coast. The 21st of October was a Black Friday for major websites, when giants like Twitter, Netflix and the New York Times collapsed due to a very well-targeted DDoS attack. I have been a Dyn customer in the past because I had wanted a low TTL (Time To Live), so that if we had an outage and wanted to switch quickly over to a failover location, we could do so rapidly, and handling DDoS attacks at the cloud partner level seemed like a solid plan to me.
The massive DDoS attack targeted the Dyn servers, causing the collapse of hundreds of websites. The attack was not a hit and run, but more a hit and repeat, as the DDoS came in three powerful waves.
The first wave of the attack started at 7 AM, followed by another one just before noon and ending with a third attack after 4 PM, coming from tens of millions of IP addresses at the same time. The results might not have been what the hackers expected: internet access to some of the websites was just slowed down, not taken down completely.
The initial reports showed that the attack was a type of DDoS that relies on infected connected devices. Once infected, these devices become part of a botnet battalion, associated with the Mirai malware, which was recently released to the public.
Could this have been prevented?
Yes, according to some experts. If Internet clients such as Twitter, Netflix, and the others affected had used a 2nd party for their secondary DNS, we wouldn’t be discussing this attack today.
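One way to check for the single-provider dependency described above, as an added example that is not part of the original post. The zone names, nameserver names and records are constructed, and treating the last two labels of a nameserver host as its operator is an assumption made for illustration.

```python
from collections import defaultdict

# Constructed NS records in zone-file / `dig +noall +answer` layout:
# owner  TTL  class  type  nameserver
SAMPLE_RECORDS = """\
shop.example.  86400 IN NS ns1.provider-a.example.
shop.example.  86400 IN NS ns2.provider-a.example.
news.example.  3600  IN NS ns1.provider-a.example.
news.example.  3600  IN NS ns2.provider-a.example.
news.example.  3600  IN NS dns1.provider-b.example.
news.example.  3600  IN NS dns2.provider-b.example.
news.example.  300   IN A  192.0.2.10
"""

def provider_of(nameserver):
    """Assumption: the last two labels of the NS host identify the operator.
    A real audit should use the Public Suffix List and known provider mappings."""
    labels = nameserver.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])

def parse_ns(text):
    """Return {zone: {"providers": {provider: [ns, ...]}, "ttl": lowest NS TTL}}."""
    zones = defaultdict(lambda: {"providers": defaultdict(list), "ttl": None})
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if len(fields) != 5 or fields[3].upper() != "NS":
            continue  # only NS records describe the delegation
        owner, ttl, _cls, _type, ns = fields
        zone = zones[owner.rstrip(".").lower()]
        zone["providers"][provider_of(ns)].append(ns.rstrip(".").lower())
        ttl = int(ttl)
        zone["ttl"] = ttl if zone["ttl"] is None else min(zone["ttl"], ttl)
    return zones

def audit(text):
    """Flag zones whose whole NS set sits with one DNS provider."""
    findings = {}
    for zone, info in parse_ns(text).items():
        providers = sorted(info["providers"])
        findings[zone] = {"providers": providers, "ns_ttl": info["ttl"],
                          "single_provider": len(providers) < 2}
    return findings

if __name__ == "__main__":
    for zone, f in audit(SAMPLE_RECORDS).items():
        status = "SINGLE PROVIDER" if f["single_provider"] else "ok"
        print(f"{zone}: {status} providers={f['providers']} ns_ttl={f['ns_ttl']}s")
```

A zone flagged as single-provider loses all authoritative answers when that one provider is unreachable; a zone with nameservers at two providers keeps resolving through the second.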
However, even though Dyn mitigated this massive attack, we need to ask the question “Are we safe?” If a company like Dyn, an expert in this space, experienced such an attack, what would the damages have been if the attackers had targeted a single business? This is exactly the reason why SMBs should be fully aware of the cyber threats they are vulnerable to and how to prevent being hacked. My recommendation is that if you are an SMB, you should feel comfortable with your hosting provider and the security company you have hired to keep you safe.
Coming back to the subject of the hour, here are a few approaches to defending against DDoS attacks that most cloud hosting companies offer as services:
- Routers and firewalls – Configure your routers to filter unnecessary protocols and stop simple ping attacks or even traffic from invalid IP addresses.
- Black-holing – This approach stops all traffic and diverts it to a black hole where it’s dismissed. The only bad part is that all traffic is discarded, causing your business to go offline.
- Intrusion-detection systems, which will detect when valid protocols are being used for an attack
- Proper configuration of servers might minimize the DDoS effects.
Bottom line, Friday was a reminder of how powerful a cyber-attack can be, and also a wake-up call not only for Dyn but also for all of us. We need to understand cyber security and make it our top priority. What about you? What’s your approach to cyber security?
Photo source: pixabay.com