Logo Intuity

Evidence of cyberwar, everyone counts, for better or worse.

Share article

Evidence of cyberwar, everyone counts, for better or worse.

Let’s face it, if the cyberwar were this then we can be quite calm, no matter how important and imposing it was, the attack on Dyn is a little more than a show of force, even just for the chosen objective.

True, it has made unavailable world-leading websites, Facebook, Twitter, Reddit, New York Times, and several others.

It also caused some economic damage, little thing.

It is also true that in war one of the strategic objectives is the communication and telecommunications infrastructure.

How many times (you have us) we have heard of targeted bombings on television and radio stations.

In this perspective, the attack on Friday could resemble something similar to a war, except that actions of this type make sense when the damage is permanent or very prolonged and typically prelude to something more serious.

Preventing a country from communicating is the first step to keeping it isolated during subsequent attacks.

In this case the attackers, already knew that the damage would be contained in a short time, they knew because they are people who know how these things work.

So what was it? A spite to the United States? Maybe so, but here we enter the world of geopolitics and my contribution in this sense would have the value of a chat at the bar sport.

Surely this is not the cyberwar we must fear! However, we have also seen and proven the impact of such determined and determined action.

An attack of this magnitude could be brought to critical infrastructure, health institutions, military, government, companies of primary strategic and economic importance, these are the goals that I expect in a war, not “Facebook”.

And this is the scenario that we must imagine, that we must foresee and that we must avoid.

How to do it is not simple and goes beyond any strictly technical consideration: 620Gbps of ddos is already something difficult to support, but to what will come next time?

620Gbps, is more than the entire aggregate band available to the GARR, means that an attack of this type would have enough power to block one of the most important networks of our nation, a network used by universities, research institutes, companies, government agencies. Just to give an example.

The weapon used is also an interesting new element: “highly distributed attack involving 10s of millions of IP addresses.”

Source: http://dyn.com/blog/dyn-statement-on-10212016-ddos-attack/

Millions of IP addresses, among which the vast majority belongs to the family of peripherals “iot”, smarttv, babymonitor, surveillance cameras, etc, etc, etc….

All things now common in our homes, in our companies and in our cities.

Does this mean that we are also responsible for what happened or what may happen?

Somehow yes, we could be involved in similar events without our knowledge, certainly does not follow a “legal” responsibility, but somehow an “ethical” responsibility because something (knowing) we can do too.

Like reducing energy waste or separate collection, we benefit relatively as individuals, but significantly as a community.

The basic problem, also this time is cultural, there is still in the civil consciousness the awareness that the Internet is a “serious thing”, has long lost its meaning of the virtual world and has become in effect an integral part of our daily reality.

This requires all of us to learn the rules and behaviours that this new dimension of life implies

We are talking about a long process, but it will have to begin sooner or later.

The first step could be to require manufacturers of “connectable” objects to pay more attention to safety by-design aspects. Taking action also with legislative instruments.

Much is done for privacy, in order to protect (?) the citizen, something else could be done in other directions, with the same purpose.

The second step we could do:

When connecting an object to a network, at least remember to change the default password! If it is possible to do so and if this is an action for everyone, see “first step”.