Top Takeaways From the Cyber Attack That Took Down Twitter, Spotify and Reddit

December 3, 2016 · steveverbanic
Last month, a massive Distributed Denial of Service (DDoS) attack against the domain name services company Dyn showed the world just how vulnerable companies are to cyber threats.

A DDoS attack involves hitting a computer system with millions of lookup requests at once, causing it to shut down while attempting to answer all those requests.

In the attack on Dyn, surging traffic to the company’s internet directory servers shut down domain name system (DNS) services to the “address book for the internet” (or so says Wired) — taking down PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify and RuneScape in the process.

The vast scope of the outage isn’t the only worrisome aspect of the attack, however. Another is the possibility that the attack was launched by amateur hackers using everyday IoT (Internet of Things) devices such as web-enabled DVRs and webcams. Although the culprits remain unknown, it’s scary to think of the prospect of disaffected teens or any bunch of bad apples having the power to bring internet traffic to a grinding halt for any length of time.

What we do know is that the attack may have involved a type of malware called Mirai, with source code recently released to the public. This is leading to speculation that more Mirai-based DDoS attacks might crop up.

Knowledge of previous attacks helps in protecting against the next. And all indications show there will be a next attack — which means you need to take steps to protect your company now, including:

· Protect your data. Encrypt records and any confidential data. Automate frequent backups of your data, with an offline version kept off premises. If you do go down, business will resume more quickly when you have a copy of your most critical data.

· Divert traffic. A DDoS attack succeeds when a flood of traffic, whether malicious or from well-meaning users constantly trying to refresh a slow-loading page, overwhelms your system. You can redirect traffic to a content delivery network (CDN) that can identify illegitimate traffic and divert it to its cloud infrastructure. This can be expensive, but if you’re a large bank or an international retailer, a five- or six-figure price tag is worth it to stay open for business and preserve your reputation.

· Deploy more servers. For smaller businesses that may not be as visible a target for a DDoS attack, deploying more servers when suspicious activity is detected may solve the problem. While it is the least reliable method to keep a DDoS attack from taking your website down, it is better than not doing anything.

· Have a response plan in place. Just as you train your employees to know where the fire exits are, run DDoS attack drills. Simulate DDoS attacks to gauge how your action plan works.

SLAIT Consulting can help you develop the policies and deploy best-in-class technology to protect your business from DDoS. Stay secure and running with multiple layers of protection and the most advanced and fastest DDoS mitigation available.