Dyn DNS DDoS – understanding the cyber security terminology!

Home/Security/Dyn DNS DDoS – understanding the cyber security terminology!

Dyn DNS DDoS – understanding the cyber security terminology!

I’ll refrain using the term cyber security for the rest of this blog, let’s face it – it’s so 1990s!  Which brings me neatly to my first point – IT security the hardest part is understanding the terminology!

Denial of Service – DoS

This weekend’s cyber (damn, didn’t mean to use that -Ed) attack on Dyn which was a DNS DDoS attack sounds complicated.  But ultimately it was a bunch of hijacked hardware all sending requests to the servers of Dyn, but not finishing the request.  It’s the equivalent of picking up the phone, dialling the number then not saying anything.  The server at the other end is still in the line saying “hello? Hello?  HELLO? WHO IS THIS, HOW DID YOU GET MY NUMBER, if this is another PPI call I’m gonna be pissed” so imagine if lots of different people are all doing the same at once, it’s more than what the server can cope with and all the incoming lines are jammed.  In reality a DNS request is a simple look-up that should take milliseconds.

So that is a Denial of Service attack – DoS.

Domain Name System – DNS

DNS is the domain naming system of the internet.  Any web address all looks back up to a number.  So instead of dialling telephone number we use a friendly name like www.google.com which translates to 216.58.212.110 – rather than remembering those silly Internet Protocol addresses, the internet ancients came up with the idea of using friendly names, and having these DNS servers store the IP address for you.

So Dyn is just a company that runs DNS for some of the big names on the internet.

Distributed Denial of Service

DDoS is a Distributed Denial of Service attack.  Distributed because the hackers hijacked a load of internet hardware to all pick up the phone at the same time and are controlling them remotely.  This is anywhere and everywhere around the world – usually the only similarity is that hardware or software is the same and has the same vulnerability. This is often called a ‘botnet’ as the systems are usually infected without users knowing but they’re now a robot army network for people.  Interestingly you can go on the dark web (which is a whole ‘nuther thing, which we won’t go into) and buy time on a botnet which someone has already set up.  In general, these botnets are usually used for DDoS attacks as they’re ideally sorted

So when Microsoft, your IT provider and your AV people are doing things like telling you Windows XP is end of life and you should always patch, update and upgrade it’s to stop issues like this.  When a product is marked end of life it’s not just because they want to sell you something new and shiny – it’s because there are security flaws that have been discovered but the manufacturers have diverted resources to keeping their new products up to date and not their old ones – common sense really.

That’s fine for PC’s and servers, but a lot of products that are now affected are CCTV cameras and other internet connected devices – the so called Internet of Things – IoT.  Great another TLA!

The thing is with things, is that they are quite often simply cut down versions of other available operating systems that run on PC’s – usually Windows Embedded or flavours of Linux.  So when the mainstream operating systems are updated due to vulnerabilities, the hackers find out about this and realise that there will be fleets of unupdated hardware out there that they can use for their own goals.

At present there’s no ‘Windows Update’ for the internet of things, so there are a few things you can be thinking about:

  • Does your IT provider have as schedule of managed equipment and as part of that management fee you’re paying – are they updating the ‘firmware’ (the software on the devices) to the latest versions regularly
  • Is your equipment more than 5 years old? Quite often there will be few updates for older equipment
  • Do you have adequate preventative measures on your network? This means good firewalls, wireless networks that are segregated from your main network and up-to-date antivirus wherever you can install it?

Let’s talk Cyber Security

Here at Unleashed we do all the hard thinking for you and if you think you’ve got a potential problem, we are easy to chat to – you supply the tea, we supply the biscuits!  We’ll even let you say cyber security a few times whilst we wear our 90’s mirror shades.

 

  • Share on Tumblr
By | 2016-10-26T08:45:37+00:00 October 24th, 2016|Security|0 Comments

About the Author:

Chris Rogan is the Managing Director of Unleashed. Chris is our lead IT Consultant and Systems Architect, he is a trusted advisor to many high growth businesses. Chris holds an MBA, MSc in Technology and Innovation Policy and a BSc in Computer Science. He produced some of the UK’s first research into Shared Services of large business and has an keen interest in bringing big business technology into the reach of mid-market companies. He has worked in various technical and business management roles, as a company director and non-executive director. He has a dislike for bureaucracy and inefficient processes (and people!). Much of the technology he implements is designed to improve processes, responsiveness to customers and management information. The views and comments in this blog however are his own and do not necessarily reflect those of Unleashed IT, its parent, suppliers, customers or affiliates.