On Friday, October 21st the internet experienced one of the more widespread attacks in recent years. The type of attack taking place is called a DDoS (Distributed Denial of Service), which floods specific sites with overwhelming traffic in order to shut down legitimate traffic. In this case the attack was reportedly against an East Coast DNS provider, Dyn, and may in fact be more widespread. Since DNS services are like the "phone book" of the internet, converting your URL into an address, an outage at a DNS provider can affect massive numbers of sites.
This underscores the importance, in my opinion, of making limited use of cloud services to run your business. More and more services rely on the internet and cloud not only for email, but also for backup and application hosting. I expect to see more and more of these kinds of cyber attacks in the future, and while DDoS attacks are relatively crude, they are on the increase. Keeping certain key functions on internal servers prevents total business disruption unless and until internet security gets to a point where these kinds of attacks can be prevented.
Vendors of DNS and web services can and do harden their resources and have redundancy and extra bandwidth to absorb many of these attacks without major disruption. But with the increasing number of IoT devices it is impossible with current internet protocols to prevent such disruption when the attacks are so widespread.
IoT used Against Us
Friday's DDoS cyberattack was largely driven by IoT (Internet of Things) devices infected with Mirai malware. The source code for this botnet malware went public earlier in October and is seen as an increasing threat for future DDoS attacks. Users are increasingly installing such devices (routers, cameras, internet-connected appliances) in their homes and businesses, and without proper security compromise is easy, making these DDoS attacks more effective.
IoT devices such as IP cameras (those with network connections), routers, DVRs, and even some printers, which are directly connected to the internet and which may run specific versions of the Linux operating system, are vulnerable to infection due to the use of well-known and common default passwords. These devices may become infected because many users fail to change the device's default user/password during setup.
Secure your Devices
If you've taken it upon yourself to install a router or web camera at home or in your business, or had a vendor install one, always be sure to set secure passwords, as this is the best way to make infection more difficult. If secure passwords are not set up on these devices, there is a risk your device has already been infected, and there is no simple way to know if it is infected. A simple reboot may clear some bots from memory, but it is best to do a factory reset, start over, and immediately change the device password.
Unfortunately, some devices have web passwords as well as SSH or Telnet passwords, and it may be difficult (or impossible) for a non-technical user to secure the device properly. In some cases, the device simply contains flaws and may never be secured properly without the vendor stepping up and closing firmware flaws. We live in an increasingly connected world of devices and this problem will only get worse, so we must all do our part to help. I'll stress that this is why it is important to acquire devices from reputable vendors with active update policies.
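One way to check which of your own devices still answer on the remote-login services mentioned above (Telnet, SSH, web admin), and to turn that into the actions this post recommends. This is an added example, not part of the original post; the inventory, the addresses, the password_changed flag and the choice of ports (including 2323 as an alternate Telnet port) are assumptions made for illustration.

```python
import socket

# Management services the post names; 2323 is an assumed alternate Telnet port.
MGMT_PORTS = {22: "ssh", 23: "telnet", 80: "web admin", 2323: "telnet (alternate)"}


def open_mgmt_ports(host, ports=MGMT_PORTS, timeout=1.0):
    """Return the sorted management ports on `host` that accept a TCP connection."""
    found = []
    for port in sorted(ports):
        try:
            with socket.create_connection((host, port), timeout=timeout):
                found.append(port)
        except OSError:  # refused, timed out, or host unreachable
            continue
    return found


def audit_device(name, host, password_changed, ports=MGMT_PORTS, timeout=1.0):
    """Combine what the device exposes with what you know about its password."""
    exposed = open_mgmt_ports(host, ports, timeout)
    actions = []
    if exposed and not password_changed:
        # A reachable login service still on the default password may already
        # be infected: reset first, then set the new password.
        actions.append("factory reset, then set a unique password before reconnecting")
    if any(ports[p].startswith("telnet") for p in exposed):
        actions.append("disable Telnet or block it at the router")
    return {"device": name, "host": host, "exposed": exposed, "actions": actions}


if __name__ == "__main__":
    # Constructed inventory of devices you own; addresses are placeholders.
    inventory = [
        ("hallway-camera", "192.168.1.20", False),
        ("office-router", "192.168.1.1", True),
    ]
    for name, host, changed in inventory:
        result = audit_device(name, host, changed, timeout=0.5)
        print(result["device"], result["exposed"], result["actions"])
```

A device that shows no open ports from inside your network can still be reachable from the internet through a router port-forward, so the router's forwarding rules are worth reviewing as well.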
Election and Voting Concerns
As a result of the recent attacks, hacks and general cyber security issues, there is growing concern about possible vote disruption. With election season winding down, much has already been made of possible voter fraud, rigging, hacking, deleted emails and cyber security.
But is it real? As a society we should be concerned. In some states, if the election is hacked we may never know! But the threat IS REAL!
The concern comes from a handful of states (10 currently) which use touch-screen voting machines. In many cases, there is NO detailed paper receipt provided, and the machines could be programmed incorrectly or could be infected with, or already contain, malware which can cover its own tracks. Without a paper audit trail, a recount or physical audit may not be possible. This is a dangerous scenario.
In addition, political agendas make it possible that key battleground states could be "rigged" by purposeful programming of the voting machines. For example, a U.K. based company which is tied to political activist George Soros has provided voting machines for 16 states including many battleground states like Florida and Arizona. It would be a rather simple task to program the voting machine to register votes for a candidate of choice. This could even be done in such a way that under test conditions they would record accurate votes but on election day, for example, they would record improper votes.
The answer, as many have suggested, is to ban touch-screen-only systems, much like punch cards were banned after the 2000 election, where counting chads became a huge issue. Additionally, voting machines should not be programmed by partisan voting machine vendors. And having a "ballot of record" or paper trail allows votes to be recounted by hand in the event of a challenge.
Our voting process is too important to have any question about legitimacy.