How the Dyn Cyber Attack Worked Allowing Criminals to Hijack 100,000 Devices

Dynamic Network Services Inc. (Dyn)—a cloud-based internet performance management (IPM) company in the United States—had its server infrastructure compromised late last year following distributed denial-of-service (DDoS) attacks. Dyn said that more than 100,000 devices may have been involved in the massive cyber attack that overwhelmed its servers and produced a ripple effect, temporarily shutting down access to sites like Twitter and Netflix for the east coast of Canada and much of the northeastern United States.

How the Attack Worked

A DDoS is a type of cyber attack that hijacks multiple devices—usually through installing and spreading malware—to “flood” a specific group of servers with a multitude of requests for information all at the same time. The tactic effectively “clogs” the servers so that they’re unable to handle normal web traffic and can ultimately force them to shut down temporarily.

In the past, attacks like these would typically utilize personal computers to carry out the attack. In this case, however, it appears that the attack co-opted a number of “smart” devices—things like digital video recorders (DVRs), printers and even cellphones. Government officials currently believe that a non-state actor is behind the attack, but as the investigation is still ongoing, they have yet to definitively rule anything out.

Key Takeaways

Regardless of the source, the attack highlights a pair of troubling trends. First, this DDoS attack was one of a growing number of more sophisticated attacks. And, while Dyn—a company with robust cyber security measures—was able to restore its regular operations fairly quickly, it only did so after defeating two separate waves of the attack.

Second, and perhaps more importantly, this attack shows the potential vulnerability posed by the increasing number of interconnected, internet-enabled devices commonly called the Internet of Things (IoT). The inter-connectivity of devices on the IoT is the source of a number of benefits; however, that very same inter-connectivity offers cyber criminals an often overlooked—and potentially less secure—avenue of attack.

© Zywave, Inc. All rights reserved.

Majority of Cyber Attacks Launched by Company Insiders

According to figures released by IBM, which were based upon data gathered from 8,000 of its clients’ devices, nearly 60 per cent of all cyber attacks in 2015 were launched by “company insiders.” Though industry experts have warned for years that a company’s employees may inadvertently make systems vulnerable, IBM found that 44.5 per cent of attacks were, in fact, malicious.

It’s important to note that IBM defined an “insider” as anyone who had either physical or remote access to a company’s assets. While this would certainly include employees, it would also include business partners, contractors and vendors.

While insider threats can be difficult to detect, businesses can still work to prevent them. Above all, it’s important to have a cyber security plan in place—one that manages passwords in a mindful way and protects shared documents.
