Can you shut down internet? That doesn’t seem likely, but after what happened on the east coast of the USA last Friday the answer seems to be yes. Large sites like Spotify, Twitter, Reddit and New York Times were affected.
This was a so-called distributed denial of service attack (DDoS), which means that innocent devices (routers, digital videorecorders,webcamera, smart thermostat/watch,/refrigerator/parking/doorlock etc.) were used to send so many web page requests to servers that the regular traffic was ignored. The servers were simply overwhelmed.
The internet of things (IoT) is used to connect all sorts of devices to the internet. This industry isn’t regulated at, and if you think that’s a good idea think Enron, Lehman Brothers, Fannie Mae, Greece, Ireland, Iceland etc. 5 G is expected to become available in 2020 and that is likely to increase the industry’s desire to offer us services we don’t need. The last product I heard about was a British guy that asked for financial support so he could develop his IoT shower device. What he didn’t say was that the price for saving some water could be that you make it possible for someone to attack a third party. The worst case scenario is your products being turned into weapons.
This reminds me of banks and shops in Norway. Banks don’t deal with cash anymore and the shops have a closed system the cashiers don’t have direct access to (only the exact amount they need). In other words, trying to steal wouldn’t be very smart. Google, Microsoft and other companies have spent a lot of resources on protecting their products, but IoT keeps the back door wide open. Microsoft could tighten security by offering an update we could easily download, but that is not an option with IoT devices. You have to buy a new device and hope the software is better.
The big question is who the attacker was. The governments in Russia, China and North Korea seem to be popular scapegoats, and that may be the right place to point this time. The target appeared to be internet and not institutions like banks, media and the government. I don’t know what ISIS is capable of, but now that the massive attack against them in Mosul has started they are getting desperate, and we really should not give anyone this option. An attack like this has been debated as a possible scenario, but I think the timing surprised many. It is of course possible that this was a political protest making it clear to lawmakers what a security risk they have allowed, but I think it’s more likely to be bigger.
The video sounds wonderful, but if something sounds to good to be true it usually is. Technology is great, but sometimes working harder is the smarter thing to do. It’s not good when we leave the intelligence to the little devices we depend on.