Wednesday, February 12, 2014

"Ugly things" on the Internet's raging sea

"Ugly things" on the Internet's raging sea

“Start of ugly things to come”. That was what CEO of security firm CloudFlare, Matthew Prince, tweeted at dawn yesterday, after a massive denial of service attack (DDoS) mitigated by his company’s infrastructure on Monday.

Imagine the sea breaking on the shore. Normally towns located by the sea are prepared to receive the pounding of the waves. However, strong storms such those that they recently suffered in northern Spain are very destructive and have the power to collapse any village’s activity. DDoS attacks between 300 and 400 Gbps which take advantage of NTP protocol’s weaknesses, as it happened two days ago, are a new trend with a devastating capacity to hit Internet servers, just like a huge storm smashing coastal cities. Hence Mr. Prince predicts a very ugly future.

But DDoS techniques are not the only danger in the present and future of the Internet. In this ocean of interconnected devices, the wind pushes the waves toward the shore with very different intensities. On the one hand, the widespread use of cloud services by cybercriminals make them much more difficult to locate, according to Europol. On the other hand, the employees' bad practices when sharing sensitive corporate documents using different means from those provided by your organization (email, external devices, Dropbox) poses a major security risk for companies.

Along with those threats, we will find a bit less powerful waves which nevertheless can give a shock to someone, as the last vulnerability discovered on the website of the popular social network Instagram. That flaw would have allowed an attacker to anonymously change a user’s privacy settings leaving his private photos exposed.

However companies are taking steps to not become vessels adrift in rough waters. Spanish bank BBVA, for instance, has implemented an advanced global security management system called "Faro corporativo" (Corporate Lighthouse) to shed light on all security incidents that occur both in its offices and at the group’s corporate headquarters. In addition, the number of organizations adopting encryption strategies grew by 6 points since last year, while enterprises that have no encryption policies at all decreased by 8%, according to the 2013 Global Encryption Trends Study.


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)7


Post a Comment