Don’t be worried…at least, not yet. Though it is true that it’s entirely possible you had a role in a widely-reported criminal act. No need to call a lawyer…for the moment. Even though,
Though it is true that it’s entirely possible you had a role in a widely-reported criminal act. No need to call a lawyer…for the moment. Even though, as Eric Geller reports, the Department of Homeland Security is investigating the matter. We’re sure (well, pretty sure) that you needn’t fret…not right now, anyway. Even though Reuters reports that the FBI is running its own investigation, and badly wants to find who was responsible. You see, any law-enforcement agency investigating this criminal act is unlikely to actually check out what small part you played in it. But should the investigation go deep—really deep—and the knock comes at your door, this may be your best defense:
“It was my doorbell! I wasn’t even home!”
Here’s how that defense might actually make sense. Some background…
On October 21st, 2016 the largest cyberattack of its kind in history occurred. The initial victim was a company called Dyn, whose servers were overwhelmed with a Distributed Denial of Service (DDoS) attack. A DDoS attack involves sending a tidal wave of fake requests to a server. Enough of these fake requests and the server becomes unable to handle them all. And once the system is overloaded, legitimate requests are unable to be processed either.
The Internet’s Road Map
This attack was very savvy. In fact, Dyn was a near perfect choice for someone bent on wrecking the internet. That’s because Dyn is in charge of a large portion the internet’s Domain Name System (DNS) infrastructure. Dyn helps computer browsers deliver the content requested by resolving web addresses into an Internet Protocol (IP) address. In other words, Dyn basically acts as the road map for the companies registered with them and the people who want content from those companies. So this DDoS attack on Dyn was most effective: internet access was stopped or drastically slowed down for any end user whose domain name system (DNS) requested routing through their servers.
Millions of internet users were unable to reach some of the “marquee brands of the internet…” including Amazon; Twitter; Netflix; Spotify; CNN, and The New York Times. You can read Dyn’s statement about the timeline of the attack here. Now, let’s understand the nature of this attack. It was big. Matthew Prince, CEO of the internet infrastructure company Cloudflare said, “The fact that this is causing Dyn so many problems is pretty good evidence that this is an extremely large attack.” So make that really big.
Your Doorbell’s Possible Role
Do you have any so-called ‘smart appliances’ in your home? Like a doorbell that sends you an alert over the internet when someone is at your door, or lights that you can turn on via your smartphone? If not… how about a Wi-Fi-enabled printer? What about a DVR? Got a cellphone? Any of these and more could have played a role in coordinating the attack. How?
Dyn said the attack on their servers was “coming from tens of millions of IP addresses at the same time…” including internet connected products. These are the types of products collectively grouped under the heading, “The Internet of Things”. Detail from Forbes:
…this is the concept of basically connecting any device with an on and off switch to the Internet (and/or to each other) … everything from cellphones, coffee makers, washing machines, headphones, lamps, wearable devices and almost anything else you can think of.
Earlier in October, code designed to create the DDoS attack was released, and announced on the hacking community Hackforums. The code was called, “Mirai,” and was designed to spread. It did so by scanning the internet for the IP address of Internet of Things (IoT) systems. Since many of these devices were protected by nothing more than a factory default password, they were easily infected with the software. Once infected, these devices served as “bots,” and were controlled by a central server. This server launched the DDoS attacks. Dale Drew, the chief security officer of Level 3 Communications, explained the attacks and the evidence of Mirai bots being involved. Yes indeed… and your appliances may have played a part in the action. And you didn’t even know it.
Yes, it’s scary to think about devices being hijacked in your home. Especially when you think it may be something as innocuous as a printer or a cell phone. But what could happen to your business? Think of all the Wi-Fi enabled devices that allow you to communicate, but may be vulnerable to being taken over and turned into a bot. You probably have a very good password protocol at work in your office—if not, now would be a good time to get one. But what could happen if someone was able to hijack the information that is vital to your daily operations? What would happen if your competitors could intercept your data?
Computers, the internet and IoT, and the cloud combine to allow widespread sharing of data.
Doing business without them is unimaginable. But they can also leave you vulnerable. What you need with today’s technology is a partner that takes your security seriously. And that same partner should ensure that your data remains accessible—but only to you.
5i Solutions Inc. offers complete access to your data with document management systems that allow you to find information instantly; systems that turn handwriting into digital ‘smart data’; and even systems that allow legal teams to work smarter and analyze tremendous amounts of different types of documents and communications.
5i Solutions does indeed take your security seriously, and takes security to the next level with our Cloud Vault. Site-to-site VPN encryption, network security, and key management. Custom-tailored levels of identity verification and access control. Threat management, penetration testing, monitoring, logging, and on-demand reports. All provided by 5i to ensure the continued integrity of your data.
5i Solutions Inc. has the tools and technology to help you grow your business, the know-how to customize those tools and technology to perfectly fit what you do, and the security to keep it safe yet accessible when you (and not a bot in your doorbell, printer, or cell phone) need it.
5i Solutions. One single, secure point of intake, access, and storage. One singular solution.
5i Solutions, Inc.