October 5, 2018
One of the few upsides of the most recent DDoS attacks is that every attack is a learning opportunity. For instance, the NL Times reports that the Netherlands’ key financial institutions have suffered repeated attacks this year. The first was in January, and apart from hitting several banks, the Dutch Tax Authority site was also targeted, rendering its website useless for a short period of time. And in May, the attacks happened again, targeting the same financial institutions, but to lesser effect. What’s truly alarming about these particular DDoS attacks is that while the ones that happened in January were traced back to Russian servers, authorities later found that a sole Dutch teenager was actually to blame.
This incident best illustrates the vulnerability of even financial institutions, which are known for having some of the most tightly secured online networks in the world. It’s not just that they’re attractive targets for hackers. For these particular incidents, the modes of attack were relatively simple, and the hacker didn’t need to do a lot to overload the targeted sites in order to render them useless for some time. In short, not only are the world’s largest financial institutions natural targets, they’ve also proven to be quite vulnerable in the face of basic DDoS attacks.
Meanwhile, in Mexico, the most recent national election has also been sullied by a similar incident. Prior to the July elections, The National Action Party or PAN – Mexico’s political opposition party – was targeted by DDoS attacks that took down its website for about 15 minutes. According to PAN’s account of the attack: “On this website, 185,000 visits were registered within 15 minutes, with the attacks coming mainly from Russia and China.” While this might suggest foreign interference, Mexican cyber security professionals were quick to explain that the root source of the digital attacks do not necessarily determine who’s responsible, especially in an age where fake robot accounts are rampant and foreign servers can be used by determined hackers to launch attacks practically anywhere around the globe.
Taiwan News detailed how often their government websites are being targeted on the digital front. Every month, 20 to 40 million cyber attacks are launched against Taiwan’s government websites. The country has responded by putting together a Cyber Security Service Team – a task force that’s aimed at addressing issues related to information security. A spokesperson for Executive Yuan in Taiwan has also remarked that they suspect the Chinese government to be behind the attacks, although strictly speaking, the source of the attacks are unknown.
If there’s anything we can learn from these global incidents, it is that both financial institutions and the world’s governments are being targeted by unknown forces. And this is just the tip of the iceberg. More politically-motivated attacks have happened during recent elections in the US, Russia, Zimbabwe, South Korea, France, and the Czech Republic. Furthermore, whoever is committing these attacks are finding new and efficient ways to launch them on increasingly larger scales – with their primary motivation still unknown.
The good news is that cyber security measures have improved over the years. Although there is a limited number of Communication Service Providers (CSPs) that can actually prevent huge attacks, they are well-equipped at withstanding most DDoS attacks. These external protection parties can reroute and filter out malicious traffic from protected networks, allowing businesses to carry on as usual even in the event of a DDoS attack.
Thankfully, cyber security has become a global priority, a shift that is being felt from the education sector to the business world. The cyber security page on Maryville University details how network security concerns are transforming the world of business, and that soon 75% of chief information security officers will be reporting directly to the CEO, and not the CIO. Considering that the planet’s key industries are increasingly getting more tech-dependent, including the widespread use of AI and IoT-based technology, it makes sense that cyber security professionals are being called on to take a more active and strategic role in business. We can only hope that the world’s governments follow suit.