Of the increasingly frequent cyber-attacks, DDoS attacks are the most prevalent threat. In 2017 the number of attacks on businesses on the Telenet network was in fact up by a quarter compared to 2016. To fight these cyber-attacks, we invest heavily in security equipment and in making our own network more robust. But what exactly does such a DDoS consist of? And what is the extent of your risk as an individual or business? Safer Internet Day is the perfect time to consider these matters.
A post office flooded by letters and packages without a return address. That’s a good metaphor for a DDoS attack, or Distributed Denial of Service. They are one of the major threats present on the Internet today. Cyber criminals take over a gigantic number of devices and command them to bombard a server with requests. The server can’t handle these all at once and goes down. As the hackers are using up all the available bandwidth, we subsequently can’t access websites, apps or mail servers for some time.
Hackers on Holiday
In 2017 we noted 800 attacks aimed at IP addresses on the Telenet network. That’s 25% more than in 2016, when there were ‘only’ 586. The attacks peaked in the months of September, October and November, and for some years now there has been a marked dip in July. Cyber criminals are on vacation too then, it seems.
DDoS is one of the most visible types of attack, which — if successful — completely blocks your Internet access. In 2017 the longest attack lasted almost five full hours.
‘Script Kiddies’ or ‘Hacktivism’
Cyber criminals are most interested in businesses, as that’s where they can achieve the biggest impact. They affect the company, its employees and its customers, who can no longer make use of the provided services. Every cybercriminal has their own reasons. So-called ‘script kiddies’, young people who hack for fun and launch attacks at random, use businesses as guinea pigs to test tools with which to deliver an even bigger blow later on. Others attack to criticise company or government decisions, or to extort the affected parties. A sneakier approach is to use the DDoS as cover for a more serious attack, for example stealing confidential business information while IT and security services are distracted by the DDoS attack.
Who the offenders are or where they come from is often difficult to determine. After all, the IP address doesn’t necessarily indicate the hackers’ actual location. The servers can be controlled from anywhere around the globe. On one occasion we did notice that one of our customers was receiving a lot of suspicious traffic from China. In such cases a business can shield itself by filtering Internet traffic based on geolocation.
War on DDoS
Even though the amount of attention afforded to cyber criminality has increased in recent years, DDoS remains a problem. Constant alertness and preventive measures are essential. That’s why we at Telenet have invested heavily these last few years in the technology and equipment required to defend both our own and company networks. For example, businesses can opt for a special anti-DDoS service. An anti-DDoS management system will then continuously monitor all network traffic. We also continue to invest in our own network capacity. That doesn’t just mean our surfing speed goes up, but also that we can withstand attacks easily thanks to more robust connections. Their impact becomes negligible.
Since the end of last year, Telenet has been collaborating to fight cyber-attacks with DNS Belgium, which handles the domain name registration for all .be domain names. For example, a single name server was installed in Telenet’s network. If DNS were to experience a major DDoS cyber-attack and everything went down, that one server would remain unaffected. Telenet customers would still be able to access .be, .vlaanderen and .brussels domain names. Luckily, such a worst-case scenario hasn’t occurred so far, but if it does, we’re prepared.
Private Parties ‘Misused’ Too
Am I at risk at home as well? Cyber criminals aren’t all that interested in forcing a private network to go down. However, they may ‘misuse’ your devices to launch an attack. After all, as part of their attack, cyber criminals need a network of computers to send out the data, known as a botnet. The more devices, the stronger the attack, of course. That’s why perpetrators also use hacked computers belonging to innocent users. If your devices are being used to launch a DDoS attack, your surfing will probably slow down sharply. With the rise of the Internet of Things, security cameras, baby monitors and other smart devices are more and more often used to launch attacks as well. The problem is, people are much less likely to realise those smart devices are also computers that require protection.
Three golden rules to protect yourself:
- Perform regular updates for all your devices
To prevent possible security leaks for your computer, smartphone or tablet, you should always install the latest operating system updates. In many cases, you can have this done automatically.
- Change passwords every three months, choosing strong ones
Don’t just change the passwords for your private accounts, but also standard passwords such as for your Internet modem or security camera. It’s best to change all passwords for any devices connecting to the Internet immediately after installation.
- Install an anti-virus or anti-malware programme
Install a security programme that automatically checks for updates and quickly provides new updates when a new virus threatens, for example. The programme should check as many files and emails as possible and come with a good firewall.