A Tangled Web of Cyber Attacks
|If you had any issues browsing some of your favorite websites last week you weren’t alone! Access to Amazon, Twitter, PayPal and Spotify, just to name a few, was totally cut off on Friday.
How could this happen?
Industry professionals call it a distributed denial-of-service, or DDoS, attack. In other words, a whole bunch of devices connected to the Internet sent a lot of data to machines (servers) that made them crash. Hackers did it, though exactly who remains in question.
The attack vector, though, is definitely known. Websites were not actually attacked. Instead, the suspects targeted the path that 99.9% of people use to get to the websites.
A bunch of online machines called domain name system servers, or DNS servers for short, help the Internet work. They allow regular folks like you and me to type in a website name and get there.
Behind the scenes, these DNS servers link the website name that you type to an IP address. So, the home address of the website, instead of 231 Main St., USA, is usually something like 198.51.100.24.
Remembering complex numbers like this isn’t the strong suit of most humans, so we hit the easy button and leverage the simplicity of the DNS servers. At least until they’re massively attacked and taken offline.
This recent attack has brought to light concerns of a possible new attack 10 days from now…
With Election Day less than two weeks away, some folks are worried that key information may not make its way to voters if we see another DDoS attack.
In Hong Kong in 2014, a DDoS attack took down a key election website during a big vote. It affected the information flow during the campaign.
So now the pay-for-protection business model is booming.
It’s something I follow as part of my MarketVOX Trader service. Disruptive technologies could help solve some cyber security problems, and I look at ways to actually profit from them.
You see, if you want major protection from a DDoS attack, you have to pay a major protection service provider to employ a massive online infrastructure to safeguard your precious site.
It’s kind of like paying your local “Union Rep,” Uncle Vito, to operate your store in his territory under his protection, whether you like it or not.
DDoS attacks are just the tip of the iceberg when it comes to threats. There are a ton of far worse events that can occur from the mischievous minds operating online.
Plain theft has been the biggest issue in recent years. Yes, getting your company’s credit card payment system hacked into is a problem, but imagine having all of your company’s intellectual property stolen.
Intellectual property (IP) includes everything from drawings, plans, training materials, trade secrets, and, of course, research and development projects.
According to a new survey from Deloitte, one-fifth of the 2,500 professionals surveyed suspect that employees and other insiders steal company IP. In the automotive industry, one-third held this suspicion!
That’s a big problem when, across the S&P 500 in 2015, companies’ total value consisted of 87% intellectual property and only 13% tangible assets.
One technique companies employ to lockdown IP theft is role-based access control on their networks. If you don’t have a critical role on a program, your access to the data associated with that program is restricted.
Role-based network identities, though, are usually accessed by… a username and password. The problem with usernames and passwords is that hackers can easily steal and leverage them to download the guarded information.
Some companies have swapped to biometrics for access, which include fingerprints, iris scans and other bodily identifiers. But what happens when the biometric data eventually gets stolen?
Most people just reset their password when it’s compromised. But resetting your fingerprint or eyeball is tough, even for a guy like Jason Bourne.
One New York City-based startup company called HYPR Corp. is working to solve the problem of biometric theft with novel solutions that involve decentralizing the data and encrypting it. HYPR recently closed a $3 million seed round to make its cybersecurity products widely-known.
Bottom line: cyber security and protection continue to be a growing and profitable business sector. The problem is that no one really respects it or is willing to pay for it until they’re the ones compromised.
It really is a tangled web of cyber security. Appropriate, with Halloween fast approaching.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.