“The single biggest existential threat that's out there, I think, is cyber.”- Michael Mullen
Nowadays, Distributed Denial of Service or DDoS attacks have proven to be the most popular weapons in the arsenal of cyber-criminals.
They are used to disrupt institutions’ operations, extort money, damage reputations or sometimes by companies to undermine their competitors. The victims of these cyber-attacks are individuals and all major industries including aerospace telecommunications, Internet Service Providers (ISPs), banks, and other institutions including governments. DDoS attacks can be staged by anyone including a 15 year-old kid working out of his parents’ basement. A case in point is the one involving two the Israelis Itay Huri and Yarden Bidani (both 18 years old) who were recently arrested by the U. S. Federal Bureau of Investigation (FBI). Both men were arrested for masterminding a DDoS attack for hire service that can be used to take down their victims, according to the site TheMarker.com.
The goal of today’s article is to inform Liberians and other residents about what DDoS attacks are, and how they have become a “service” or business that individuals and other institutions can use, to undermine the economy and national security. I know that a more detailed explanation and better education may be required on this topic to create better awareness, so as time goes on, I shall endeavor to provide more insight into what this potential threat is to our country.
Earlier, I briefly mentioned the DDoS attacks carried out by the two Israeli kids who were subsequently arrested by the FBI. In recent times, there was another major DDoS attack which involved an Internet Services Provider (ISP) called Dyn. Dyn is a company which has customers such as Twitter, Reddit, and Netflix. The DDoS attack on Dyn prevented many users living on the east coast of the United States from navigating to popular websites such as Twitter, Reddit, and Netflix. When it comes to major companies that have experienced a DDoS attack, I can go as far back as February of 2000 to recap the widely known distributed attacks on Yahoo!, Amazon.com, CNN.com, and other major Web sites. But it will take more than an article to list institutions that have experienced a DDoS attacks and the impact they have had on them and their bottom line.
So what exactly is a DDoS attack? A succinct definition from Verisign is as follows: “a distributed denial-of-service (DDoS) attack is a malicious attempt to bring down networks, Web-based applications, or services by overwhelming these resources with too much data or impairing them in some other way.” Another definition from SearchSecurity is: “a distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system.” A DDoS attack involves a flood of incoming messages to a target system. This flood of incoming messages to the target system essentially forces it to shut down, thereby denying services provided by the system to legitimate users. The “compromised systems” being referred above are also known as botnet. According to SearchSecurity.Com, “a botnet (also known as a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet.”
A botnet sends multiple requests to compromise its victim’s infrastructure by flooding its bandwidth, essentially jamming the victim’s Internet connections and forcing legitimate users out. These attacks pose major challenges to businesses of all types—but particularly to Internet and hosting providers, which can suffer blows to bandwidth, reputation, and bottom line. Note that the average DDoS attack lasts about 17 hours. Hence, one can only wonder what the loss is to the victim.
In fact, according to Andrew Lerner, a member of the Gartner Blog Network: “based on industry surveys, the number we typically cite is $5,600 p/minute, which extrapolates to well over $300K p/hour.” The article written 12 November 2014 titled, "The Cost of Downtime," also indicates that the amount listed above is just average, which is due to the magnitude of variance and also, taking into consideration the characteristics of the business and its environment. While this may be an old article, it does give us an idea of the impact of a DDoS attack on companies.
DDoS attacks have become a service for hire. This means any individual or company can hire cyber attackers to take down another individual’s or company’s network for a fee. According to a story published on “The Register’s” website (www.theregister.co.uk), there are DDoS attack for-hire groups that offer their services for as low as US$5.
In a previous paragraph, I mentioned the case of the two Israeli kids Itay Huri and Yarden Bidani and a few other cases of DDoS attacks.
These cases and the plethora of DDoS attack cases that we read about on the Internet and other places, should serve as an eye-opener for all institutions in Liberia. Just because we are a small and poor country in Africa does not preclude us from DDoS attacks or any other cyber-attack. Who knows, maybe some of our institutions have already being attacked but for the fear of damaging their reputation, have refused to publicize this experience.
Around the world, some companies and now countries (USA, Russia, China, North Korea, et al) try to fight back in their own ways; this may not be legal (for companies; I don’t know about countries). But when faced with a DDoS attack as an individual or a company, the best thing to do is to report the attack to security officials or maybe local regulators. I want to assume these agencies have the mechanism in place to track, combat and defeat these culprits.
In Liberia a lot of folks take cybersecurity for granted. These folks believe that cyber attackers do not care about a poor country like Liberia when they can loot more from affluent nations and institutions. This is entirely untrue. Cyber criminals do attack countries like Liberia; that is if we have not already been attacked, as I assumed above. But be that as it may, we must all ensure that our computers systems and networks connected to the internet are secure. Also, whenever we are attacked, we must ensure that the proper mechanisms are applied to avoid a repetition or propagation of such event. Like we say in Liberia: “no shame face inside oooh.”
Finally, I serve as the President of the Internet Society Chapter of Liberia. The Guiding principle of the Internet Society is “Internet Access for all.” Thus, it is the responsibility of the Chapter to ensure that access to Internet is available. We have the responsibility to expose those ills or malpractices that hinder internet access and create national awareness. When and if we discover things like DDoS attacks or any malpractice that impacts our economy or national security we have a responsibility to ensure that right security authorities are informed. For now, we try to create awareness so that we don’t fall victim as have other countries.