Student post: East Coast Cyberattack poses the question: Are we truly safe?

On Friday October 21st, at around 7:10am EST, many internet users from all over the country lost connection to many commonly used sites in an attack that rippled across the country from east to west. The company was able to restore service a few hours later but then had to shut down at around noon. By this time, the hackers had started to make their journey to the West coast.

What happened? There was a huge attack on one major provider of the Domain Name System, Dyn Inc., which took down a few popular sites such as Netflix and Spotify (to name a few). Oh the horror!!!!

Kyle York, who is currently the Chief Strategy Officer of Dyn, said the hackers launched a distributed denial-of-service (DDoS) attack using tons of malware-infected devices connected to the internet. According to their records, this is the third attack they have experienced this year.

A DDoS can be achieved in a number of ways, but usually involves a distributed network of “zombie” machines, referred to as a botnet. A botnet is formed from computers and other connected devices in homes or offices that are infected with malicious code which, upon a hacker’s request, can flood a web server with data. One or two machines wouldn’t be an issue, but if tens or hundreds of thousands fire such data simultaneously, it can impair even the best of web servers.

By Friday evening, the attacks were stopped and all was right in the world again.

Unfortunately, security professionals are anticipating more cyber attacks centered around the Internet of Things (IoT). This assumption was made after a hacker released the software code that powers the malware, called Mirai, just a few weeks prior.

A padlock is displayed at the Alert Logic booth during the 2016 Black Hat cyber-security conference in Las Vegas, Nevada, U.S. August 3, 2016. REUTERS/David Becker

“I have never seen severity this big, impacting so many sites and lasting over such a prolonged period of time,” said Dave Anderson, the vice president of marketing at Dynatrace LLC. “It just shows how vulnerable and interconnected the world is, and when something happens in one region, it impacts every other region.”

Cybersecurity is an ever-growing concern across the globe. As hackers become more and more sophisticated, they constantly change their tactics to overcome the security measures put in place by companies and organizations. As a result, cybersecurity professionals are forced to respond to attacks as they happen rather than prevent them entirely: no matter what security measures are in place, dedicated hackers are focused on finding a way to beat the ‘challenge’. The cybersecurity industry is therefore constantly on the lookout for talented professionals.

Seidenberg Students Involved in Dark Research

There is a lot of buzz about the Dark Web these days, especially after the highly publicized take-down of the Silk Road. Concerns about the Dark Web are not limited to drug markets, illegal arms, sinister hitmen and notorious hackers for sale; they also extend to our own personal well-being. Companies have been investing heavily in cyber intelligence tools and hiring new employees to scour the Internet, as well as the Dark Web, for threats.

Students at the Seidenberg School have been delving into the dark reaches of the Dark Web and assisting private and public sector entities to better understand organizational threats. This is especially important because stolen personal information, like payment card numbers, health records and other stolen data, is actively marketed in bulk quantities. Cataloging and searching these marketplaces has been a challenge due to the lack of indexing of Tor sites and the fact that these sites come and go on a daily basis. This is where the Seidenberg students’ research becomes vital to assisting law enforcement and the intelligence community.

Tor site for selling stolen payment cards

One member of the student researcher team said: “Researching the dark web has highlighted the importance of operational security to protect myself and my data.

“This experience has shown the important relationship between academia and law enforcement, as criminals are exploiting the same vectors university students are researching. Students can personally benefit from this relationship by having a real world application for our research, and know that our findings can stop the activities we investigate.

“The dark web has shown me how vast the internet is and the potential for good and bad it has. It is a very exciting time to be a security researcher.”

The students undertaking the project are doing so in the Internet Technology class IT-662 Web & Internet Security.

The Dark Web is a vast chasm and DARPA’s Memex program is indicative of how the government has become more dependent than ever on university researchers to find the terrorists, organized criminal gangs and enterprising thieves on the Dark Web.

What is startling from our initial findings is that only a very small percentage of Tor sites operating criminal marketplaces are ever taken down, with the perpetrators being brought to justice. It’s a daunting task, but Pace University is doing its part to identify the nefarious actors on the Dark Web.