On October 21st, 2016, one of the major DNS providers in Europe and North America experienced a substantial cyberattack. The distributed denial-of-service (DDoS) attacks disrupted Dyn, the service provider, for the majority of the day, making it difficult for users to access the Internet. Connectivity to popular services such as Twitter, Netflix, and Facebook was intermittent and spotty for consumers, as multiple waves of attack occurred throughout the day. While there are many lessons that can be learned from this attack, here are the four biggest takeaways for businesses:
1. A System is as Vulnerable as Its Weakest Link
Or, in some cases, its biggest target. Cyber criminals were able to cut off millions of users and disrupt major services simply by targeting a DNS provider. This works because a domain name must be resolved before a site can return any data, which makes the DNS provider an important third-party link between users and the websites they request. The same type of vulnerability is why video game networks are commonly targeted: a single server going down can take down authentication for millions of users and multiple games at once.
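An added example (not from the original article): a short Python audit that groups each domain's NS records by operator and reports which domains depend on a single DNS provider, the dependency this lesson describes. The domain and nameserver names are constructed, and identifying a provider by the last two labels of the NS hostname is a simplifying assumption.

```python
from collections import defaultdict

# Constructed sample data: domain -> NS hostnames as a resolver would return them.
# All names are hypothetical; in practice, feed in real NS lookups for your domains.
SAMPLE_DELEGATIONS = {
    "shop.example": ["ns1.dnsvendor-a.example.", "ns2.dnsvendor-a.example."],
    "api.example": ["NS1.dnsvendor-a.example.", "ns7.dnsvendor-b.example."],
    "login.example": ["ns3.dnsvendor-a.example.", "ns4.dnsvendor-a.example."],
    "blog.example": ["ns1.blog.example.", "ns1.dnsvendor-b.example."],
}


def provider_of(ns_host: str) -> str:
    """Approximate the operator of a nameserver by its last two labels.

    Assumption: good enough for names like ns1.vendor.example; multi-label
    public suffixes (e.g. co.uk) need a public-suffix list instead.
    """
    labels = ns_host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def providers_by_domain(delegations):
    """Map each domain to the sorted list of distinct DNS operators serving it."""
    return {domain: sorted({provider_of(ns) for ns in hosts})
            for domain, hosts in delegations.items()}


def sole_dependencies(delegations):
    """Map each provider to the domains that stop resolving if it alone fails."""
    exposed = defaultdict(list)
    for domain, providers in providers_by_domain(delegations).items():
        if len(providers) == 1:  # every NS record points at one operator
            exposed[providers[0]].append(domain)
    return {provider: sorted(domains) for provider, domains in exposed.items()}


if __name__ == "__main__":
    for provider, domains in sole_dependencies(SAMPLE_DELEGATIONS).items():
        print(f"{provider}: sole DNS provider for {', '.join(domains)}")
```

Domains that list nameservers from two independent operators, such as `api.example` in the sample, are not reported because they keep resolving when one provider is unreachable.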
2. Cyber Criminals Are Becoming Better Organized and More Sophisticated
The Dyn attack occurred in a total of three ways and involved tens of millions of unique IP addresses. Better technology, in terms of either hardware or software, could not have protected Dyn from this attack. Though the security team was eventually able to mitigate the attack by the end of the day, they could not have prevented it from occurring with the technology currently in place. Defensive technology will need to advance to match the sophistication of these cyber criminals.
3. Internet of Things Devices Can Be Dangerous
As noted, tens of millions of IP addresses were used throughout the Dyn attack. These were not likely to be computers. In the past, DDoS attacks had to rely upon computing devices -- often in a botnet -- to create enough connections and traffic. Today, there's a proliferation of Internet of Things devices, each of which can be considered a small computer and is therefore vulnerable to malware. This makes DDoS attacks incredibly powerful and highlights modern IoT security challenges.
4. Every Business Needs a Disaster Preparedness Plan
Dyn was able to resolve the issue by responding quickly to the DDoS attack. Otherwise, the attack could have been sustained for significantly longer and done substantial damage. Without the right preparedness, Dyn itself might even be considered liable for a prolonged attack. This highlights the need for an effective and complete disaster preparedness plan -- and these plans need to include the potential for IoT devices to become compromised.
The Dyn DDoS attack could not have been as devastating without the Internet of Things -- and the IoT is here to stay. Cyber criminals have become sophisticated and advanced, and they have learned that a strategic application of these IoT devices can be enough to knock down large organizations. Companies need to protect themselves from these and other threats by securing their IoT systems and having a plan in place if the worst occurs.