I play an online game called EverQuest 2 that is currently updated and maintained by DayBreak Games, but previously Sony owned Norrath (it’s changed hands a few times since it’s initial release). The first time I heard of DDoS attacks was when Sony’s servers went down and no one could log into the game, or even communicate on the forums.
DDoS stands for “distributed denial of service.” Hackers send millions of fake requests to a server that results in the server becoming overloaded. The server eventually will crash, bringing whatever the server is feeding to an abrupt stop.
With millions of players paying $15 per month to log in and play the game, this was a devastating blow to Sony. It took them quite a while to get their servers back online.
In the meantime, the gaming community angrily posted on various forums. Their anger was directed not only toward both the ass, or asses, who were responsible for the attack, but toward Sony as well, for not having the proper security in place to thwart the attack more rapidly.
Friday we learned that major sites like Netflix, Twitter, Pinterest, PayPal, and Amazon are also susceptible to these attacks. These services, and many others, were down due to a DDoS attack on Dyn.
Dyn handles DNS, or domain name service, for the entire internet. With an attack like this, it is a bit more obvious that good security means nothing to these hackers. Their level of tech savvy seems to be leagues ahead of any IT person working for any multi-million-dollar company, or even companies dedicated to maintaining a company’s security.
Compared to a gaming server going down, the recent DDoS attacks are terrifying. Some may only be seeing these attacks as an inconvenience: “I couldn’t log into Twitter” or “I couldn’t get into Facebook to milk an imaginary cow.”
I hate to tell you, but the DDoS attacks today should have us all shaking in our boots.
Why? How are DDoS attacks more than just an inconvenience?
Think about it for a minute. Everything these days is controlled in some way by computers. Airlines, every stage of government, banks, the stock market, every Entrepreneur who earns a living online, monitoring equipment in hospitals, and so much more. If someone can single-handedly take down Dyn, how long before another country/hacker decides to take down our entire system through DDoS attacks that can’t be thwarted?
Now, imagine that these attacks continue hour after hour, day after day. Banks can’t retrieve financial information in order to allow customers to withdraw money, airlines (who already have huge delays and security concerns) can’t rely on computers to verify identities, provide computer printed tickets, or identify individuals on the No-Fly list with any certainty or accuracy. Doctors and nurses can’t monitor every single patient in the hospital with their current staff without the help of computerized equipment.
Granted, I’m not saying that everything relies on the internet being up, but if they can get there in the first place to wreak this havoc, how long before they can hook into the computers connected to that same internet, and spread the damage more widely?
Could hackers find a way to work together to simultaneously bring down military computers that are necessary to mitigate missile attacks? While at the same time bringing down networks that provide law enforcement with pertinent information about terrorists and other criminals? Maybe at the same time bringing down computers throughout various hospitals so that chaos and terror ensue?
While this reads like some type of apocalyptic sci-fi novel, I don’t think we are too far from this reality. Today’s DDoS attack, and the length of time required to restore service, is worrisome. The attacks started around 7am EST on Friday, and were not resolved until after 6pm EST.
Why Do Hackers Do It?
Many people are asking, “Why do they bother? What do they get out of inconveniencing these companies?” After all, they’re not stealing information; they’re just bringing down servers.
Let me present one possibility to this question. What if it’s not about a prank or just simply wanting to cause some mischief? What if these hackers are “practicing”? What if they are testing the waters, making sure they have everything right for when they unshroud their real agenda?
I really don’t think that society and our government is taking these threats seriously. If they are, they are so worried about the outcome that they are keeping the secret from us, knowing the panic that might ensue. This, my friends, is something to be extremely fearful about.
That being said, what can we do about it? As individuals, especially those with few technical computer skills, the only thing you can do is spread the message and get government listening. If you are technically-minded, you need to stop programming that game you’re working on, and start helping with a solution to stop these DDoS attacks.
I don’t want people to panic, or live their lives in fear, but we all need to be a bit more concerned about how much we, as a society, rely on computers. We need to make sure other measures are in place until security firms, and government, have found a way to stop these DDoS attacks before they can bring down a server.
I would love to hear your opinion on the topic of DDoS attacks. Are you concerned? Do you think that government is considering the possibility that these attacks could be a forewarning to something more malicious? Leave your comments below!