Even though the first DoS (Denial of Service) attack was deployed in 1974, they are still just as relevant to the current threatscape as they were back then. 42 years later, these attacks have become much more sophisticated with a much wider scope of damage. Within this relatively short span of time, hackers have even monetized DoS on the dark web, where you can buy these types of attacks for less than a hundred dollars.As technology continues to expand at such a rapid pace, cyber criminals will continue to adapt just as quickly.
Within the past year, we've seen IoT devices become more popular as a mode of attack for DDoS stressors. Col. Cedric Leighton, Military Analyst for CNN and CEO for Cedric Leighton Associates, says we've seen “the virtual world and the real physical world come together as one” with IoT technology. Because of this, society at large has a stake in protecting their devices and overall networks, not just the tech sector.
"Our life really depends on the Internet that's out there," he says, and the Internet that's out there is what we are all putting out. With 5 billion people currently connected to the Internet, protecting it can't just lie on a handful of security researchers and teams. On top of that, researchers estimate that within the next decade, 20-60 million Internet-connected devices will be shared by even more billions of people. That's a huge surface area for hackers to penetrate. Leighton says, "While there once was just the province of state, now there's the province of everyone who has a stake in this."
Countries like Russia and China have taken an offensive approach to cyber warfare, but we need to be taking an offensive approach to cybersecurity. It's not enough to stop the bad guys once they're already in the system - bad guys will get in no matter what, but if there are ways to deter them from hacking you or your company in the first place, organizations need to be more proactive in responding to cyber threats directly.
"It's not paranoia; the Internet does more than you think," says Mike Muscatell, Information Security Manager for Snyder's-Lance Inc. He adds, "If I want to get into your company, I need to go after you before I can get into your company." His organization alone receives an average of 3 million requests for advertising an hour.
Hackers are looking to create a profile of you just like advertisers are. They want to know where you shop, what you're most likely to click on, whether you're using encrypted communications - all to better phish and social engineer you. The security of a company is only as secure as its weakest link.
Muscatell asks, "How predictable are you becoming because you're desensitized?" If you spend all day sitting at your desk crunching numbers, you're going through mounds of sensitive data. But you could also be experiencing 'security fatigue' that would cause you to be less careful when accessing this data.
One way to cover your tracks and prioritize security is to evaluate your third-party services, according to Ron Winward, Security Evangelist of Radware. Make sure updates are happening regularly, and never forget to change your default admin login and password. By placing your eggs in different baskets, there's a much higher probability that your security will step in and save you when the time comes.