The DDoS common denominator: how Homeland Security struggles alongside the average business
There are times when it may be exciting to imagine you’re a high-ranking, highly classified government agent taking part in covert operations and emerging unscathed from gun battles. It might not be something you talk about with anyone you know, but it’s fun nonetheless to pretend you could have something in common with such a seemingly sexy profession.
Then there are times when you actually do have something in common with high-ranking, highly classified government agents and it’s essentially the furthest thing from sexy, as in the case of the threat presented by DDoS attacks.
A distributed denial of service attack, often shortened to DDoS, is a type of cyberattack that leverages the tremendous resources of what is called a botnet in order to render a target website or other internet service unusable. A botnet is a network of hijacked internet-connected devices, and in a DDoS attack a botnet is used to overwhelm the target with malicious traffic which, when successful, either slows the victim site or service down past the point of usability, or takes it offline altogether.
Distributed denial of service attacks have been a weapon of choice for cyberattackers for over 15 years. With the creation of botnet-for-hire services that allow anyone with a few dollars to launch an attack, as well as the increased publicity garnered by successful DDoSing, they have exploded in popularity over the last few years and reached a crisis point in the last six months.
DDoS attacks have been known as an unwieldy threat for websites and businesses of all sizes for a while now. After all, a DDoS-caused outage can cause long-term damage to a customer or user base by eroding trust and loyalty, an erosion that some businesses aren’t able to come back from. These attacks can also be used as smokescreens for serious data intrusions, and can result in costly hardware or software damage.
Outside of investing in professional distributed denial of service attack mitigation, business and website owners have been on their own when it comes to dealing with these almost ubiquitous attacks. However, last fall a new breed of botnet weaponry appeared: Mirai, an Internet of Things-powered network consisting of hundreds of thousands of hijacked devices. This botnet quickly orchestrated the three biggest DDoS attacks in the history of the internet: a 620 Gbps attack on security blogger Brian Krebs, a 1.0 Tbps attack on French hosting provider OVH, and a 1.2 Tbps attack on the Dyn DNS server that took down dozens of hugely popular websites including Netflix and Twitter.
The game had changed. With the top three DDoS targets being cloud and IT services, the public sector and financial institutions, it was time for the United States Department of Homeland Security to get involved.
Department of DDoS Security
In February the Department of Homeland Security, or DHS, went public with an increased concern over DDoS attacks, with its cybersecurity division publishing a post called Snapshot: Turning Back DDoS Attacks. The post cites the exponential increase in both the frequency and intensity of these attacks, calling it a scourge. With at least one internet security vendor predicting a worldwide 24-hour internet outage due to a DDoS attack this year, the concern is warranted, especially considering such an outage could tank global financial markets and affect healthcare services as well as healthcare monitoring devices.
In response to this so-called scourge, the DHS is spearheading the DDoSD – the distributed denial of service defense project – which takes a three-pronged approach to dealing with this many-headed monster. The three focuses of the project are 1) increasing the adoption of best practices to slow attack scale growth, 2) building collaboration tools to defend networks against attacks reaching 1 Tbps, and 3) addressing DDoS attacks that would target emergency management systems, including 911.
The solutions being worked on by the DHS include a peer-to-peer system that would enable internet providers around the world to work together on detection and mitigation, and tools that can neutralize the kind of high-powered attacks that will likely become commonplace as IoT botnets become more prevalent.
Doing your part
It used to be that it wasn’t every day the average website or business owner was tapped to work alongside an important government agency, but that was before Mirai arrived on the DDoS landscape. While DHS works to build wide-reaching DDoS solutions, business and website owners can do their part by adopting best practices and investing in professional distributed denial of service protection. While these responsibilities may not involve helicopters, fake passports and secret codes, taking these steps is necessary for protecting a business’s bottom line, at the very least.