Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.
大规模DDoS攻击的攻击DYN上周中断获得许多大型网站,并同时攻击的细节已经被广泛分析,这里有学到的重要经验:
* DDoS attacks are alive and well:A few years ago DDoS attacks were hot news, but reports died down as the focus shifted to news about social engineering attacks, large scale data breachs and insider trading schemes. DDoS attacks seemed like yesterday’s risk but they are very much alive and well. In fact, they are back and stronger than ever.
Consider that the average size DDoS attack used to hover around 5Gbps. In the past month alone, aside from the attack on DYN, there have been two attacks over 500Gbps. An attack on hosting provider OVH was estimated at 1Tbps, while another against Krebs On Security was estimated at 620Gbps.
This attack also demonstrates the tools available to bad actors. The Mirai source code, which appears to have been used in the DNY attack, is actually publicly available and fairly easy to obtain.
* The IOT bots are against us!We’ve all seen the movies where the robots turn against us. In the movies they are out to kill us, but this hack demonstrated they can, at the very least, be corrupted to kill our Internet. The DYN attack weaponized IOT devices such as cameras and routers with weak passwords. The general population, it turns out, fails to view IOT devices as “connected computers” and never considers changing the default credentials of their connected devices, making the devices vulnerable.
We as purchasers, need to start viewing these devices as computers themselves, both for our own protection and the protection of the Internet. In fact, this attack may serve as the trigger for new standard setting and government imposed regulation regarding required security measures for IOT devices.
*基础设施可能比我们假设更加脆弱。While there has been a lot of security research surrounding the protection of our government’s infrastructure, the infrastructure of the internet itself has flown relatively under the radar. The recent attacks against hosting provider OVH and DYN, demonstrate where the hackers are looking, and prove just how efficient attacks against such companies can be. As a result, security experts may need to take a wider view when addressing the security of our infrastructure.
* Lost income is a real possibility.As was just demonstrated, sophisticated hacks can cripple the internet. Luckily in this case it was for a relatively short period of time. But large organizations stand to lose hundreds of thousands in lost income for an interruption lasting just a few hours.
一个网络保单内投保主协议的,是覆盖失去的收入。这种覆盖可以改变。虽然这可能不是从最近发生的事件串一个明显的外卖,一定要注意以下几点很重要:网络政策的很多购买者可能会认为失去的收入从这样的事件将被覆盖,但在大多数情况下,这种假设是错误的。
政策一般require 1) that such an attack affect a direct business service provider for which a contract agreement exists, and 2) that a “time deductible” be elapsed. In most cases that deductible is 24-72 hours. So organizations purchasing coverage with the hopes of affording themselves some level of protection against attacks such as the DYN attack will likely be out of luck.
除非你是一个公司,如DYN寻找覆盖为自己或您的签约业务提供商受到影响长时间,保险覆盖面很可能不是降低风险的充分工具。网络策略仍然是一个明智的投资,但购买者应该了解自己的极限。为了保护自己,组织应采取其他僖,如实施连续性计划,这削弱一个特定的供应商/合作伙伴的攻击。正如厂家有备用供应商,公司正在严重依赖他们的技术提供商也应制定备份计划。
GB&A is an independent insurance brokerage located in New York focused on insurance solutions such ascyber liabilityand高科技恩奥.