Explained: The attacks that took NZ banks offline and why you could be complicit


Cyber-attacks come in all shapes and sizes and range from the work of kids just noodling about online right through to state-level actors trying to destabilise regimes. For those of us who use the internet for our daily lives and as a way of getting things done, getting caught up in this madness is as painful as it is worrying. Will our data be kept safe? Will our identities be sold online to the highest bidder? Will someone pretend to be me and rack up debt or take money out of my account?

The good news is, that’s mostly unlikely if you take the normal precautions. The bad news is, even an unsuccessful attack on our networks and systems can lead to frustration and unexpected downtime.

The recent Denial of Service (DOS) attacks on some high profile New Zealand sites, including banks, media outlets and MetService, are a case in point. Nobody was trying to gain access to your bank accounts or ruin the weather, but the attacks meant a lot of people were unable to gain access to those services and that in turn caused trouble for customers.

Denial of service attacks are the pratfall of the cyber-security world. They’re blunt, brute force attacks that aren’t designed to do anything clever other than tie up an online service’s resources.

It’s the digital equivalent of the neighbourhood kids ringing your doorbell and running away. You’re forced to put down your newspaper, get out of your recliner, go to the door and open it only to find there’s nobody there. So you go back to your seat, pick up your paper and … ding, it happens again.

Picture that happening millions of times a second and you’ve got an idea of what a denial of service attack is all about. No legitimate visitor to your website or app can get through because theirs is just one connection out of billions, and while your call might very well be important to the business, it can’t hear you or help you out while it’s fending off all that noise.

Big organisations know about DOS attacks and they plan for them. Many have agreements in place with their network operators to help reduce the impact of these attacks. They’ll have certain trigger points that will kick into action if massive spikes in traffic are recorded, and the upstream connection provider will simply dump all the traffic of a particular type that is coming in from a specific location, for example.

But that’s not always as easy as it sounds, because the most common form of DOS attack is the “distributed denial of service” (DDOS) attack, and that word ‘distributed’ is all-important. These attacks make use of computers around the world that don’t have good security in place, that haven’t patched their operating systems, that have no decent firewalls or anti-virus security in place. They’re ordinary everyday computers much like the one I’m writing this on, only in the hands of a cyber attacker, they’re a way to launch an attack from multiple points around the world, making tracking and mitigating a nightmare for security teams.

That’s one of the big reasons why everyone with a computer connected to the internet should take the time to apply updates and patches, to scan computers for viruses, to ensure the security is updated – because the alternative is you become an unwitting foot soldier on the wrong side of the battle.

Paul Brislen is the CEO of the Telecommunications Forum
