The Department of Homeland Security said it has launched a multi-faceted attempt to defend the nation’s computer networks from hackers in light of witnessing a dramatic surge recently with respect to the number of crippling cyberattacks being waged against internet infrastructure.
The DHS’s Science and Technology Directorate on Thursday said its cybersecurity division has set its sights on safeguarding the internet against distributed denial-of-service (DDoS) attacks, an elementary but effective tactic used by hackers to overload a network with illegitimate web traffic to render it useless.
An unprecedented DDoS attack waged in October 2016 targeted Dyn, an internet performance company that runs a popular domain name system that effectively functions as an online directory. Millions of computer users across North American and Europe suffered internet disruptions due to the assault, the likes of which was waged by infecting millions of common, “Internet of Things” start devices with a strain of malicious software known as Mirai.
According to DHS, that incident wasn’t the only debilitating DDoS attack its seen as of late. Using Mirai, “hackers now can access a wealth of infected IoT smart devices such as closed-circuit TV cameras and DVD players with weak default passwords,” DHS said in a statement, then deploy their armies of compromised devices to wage targeted attacks like the one against Dyn.
“As a result, over the past six months there has been an exponential increase in the intensity and frequency of DDoS attacks,” the statement said, including an attack against a French Internet Service Provider that reportedly exceeded 1.5 terabits per second – more than twice the intensity of the most powerful DDoS attack seen during the first half of 2016, according to researchers from Arbor Networks.
To stifle future attacks, DHS said it’s Distributed Denial of Service Defense (DDoSD) project has spearheaded a three-pronged approach intended to give network infrastructure defenders an advantage over malicious actors.
“The project’s two primary focuses are on increasing deployment of best practices to slow attack scale growth and defending networks against a one Tbps attack through development of collaboration tools that can be used by medium-size organizations,” DHS said in a statement.
A third component aims to address other types of DDoS attacks, specifically including assaults that could be used to disrupt access to 911 and other emergency services. Security researchers warned last year that only about 6,000 smartphones would need to be infected with malware in order for a hacker to remotely take control of those devices and wage a DDoS attack capable of crippling emergency services for all of North Carolina.
“The goal of the DDoSD project is to build effective and easily implemented network defenses and promote adoption of best practices by the private sector to bring about an end to the scourge of DDoS attacks,” said Daniel Massey, the manager of the DHS DDoSD project. “Our performers are developing exciting new defense approaches that will help organizations defend against very large-scale DDoS attacks.”
More than 14,000 internet domains terminated their arrangements with Dyn after October’s historic DDoS attack, according to data from Bitsight Technologies, or roughly 9 percent of its customers.