Maria Gurova

Geneva School of Diplomacy and International Relations, RIAC Expert

Let us return to the subject of the Internet of Things, artificial intelligence and the increasing penetration of technologies into everyday life. On Friday, October 21, 2016, when night had already fallen in the European part of the world and the working day was in full swing on the other side of the Atlantic, some of the biggest entertainment and news companies reported that their servers had been subjected to a cyberattack of an unprecedented scale.

 

While the official investigation has only just been launched by the US Department of Homeland Security, the companies targeted by this attack are saying that it was most likely the work of Chinese hackers: to be precise, XiongMai Technologies, a company which manufactures CCTV surveillance cameras controlled via the Internet. But this is only speculation and guesswork. The potential suspects also include Russia. The attack hit such media giants as Netflix, Twitter, Spotify, Reddit, CNN, PayPal, Mashable, Pinterest and Fox News, along with the Guardian, New York Times, Wall Street Journal and Yelp websites and some others serviced by Amazon. The list is quite impressive. On October 21, their spokespeople almost simultaneously reported server failures due to a mass DDoS attack.

 

Preliminary investigations by experts, in particular those of Kaspersky Lab, show that this impressive collection of victims is no accident. All the companies mentioned above are clients of the North American service provider Dyn, which supplies DNS subdomains. But what makes this attack different from previous ones?

 

First, the scale. Attacks have previously been mounted against major entertainment and media corporations (for example, Sony), but there is no precedent for so many websites to crash at once. Second, this time the hackers used Mirai, a very powerful piece of malware that leaves no traces of strikes and enables the hackers to create not just individual botnets but a chain of interconnected ones with which they can break into the most primitive and widely used modern everyday devices: webcams, digital video recorders, etc. More than 493,000 devices were hit – and that was in the USA alone. There is evidence of botnets being used in Colombia and Brazil. These are what make such DDoS attacks possible. There is nothing disastrous about an individual attack of this kind – just the impact of surprise and inconvenience for a few hours (depending on the level of the company and its ability to restore normal service) – but multiple DDoS attacks that focus on one target and have a subsequent distributed impact carry the potential to wreak destruction on the entire Internet infrastructure, especially given the spread of the Internet of Things. These systems make it possible to inflict increasingly high levels of damage, which is more than likely to spread beyond the realm of computers and domestic laptops.

 

According to some experts, this kind of large-scale attack was not unexpected. Over several months an as-yet-unknown group of hackers (identifying the source of the attack is extremely difficult) has more than once attempted to bring down the websites of major internet companies and various media in the USA and Europe with the help of a DDoS cascade. Lack of evidence makes it difficult for the time being to point the finger at China or Russia, but this explanation cannot be ruled out.

 

There is increasing speculation on the Internet and in the media that someone is testing the Internet’s defences. Experts assume that it may be a group of amateur hackers/campaigners like Anonymous, but then it would be easy to wonder about the motives for their actions: a stand against the consumer society, or, perhaps, against globalisation? Very unlikely. It’s more similar to political resistance. Even if the client is not the government of some country or other, it’s very likely that the hackers are working with the help of government resources. All we can do is await the results of various – and hopefully independent – investigations by cybersecurity companies.

 

 

 
