
A number of government sites like the Oireachtas and the Department of Justice were offline because of a DDoS attack yesterday. Mark Stedman/RollingNews.ie

DDoS attacks brought down lottery and government sites, but what are they?

They were the reason a number of high-profile Irish sites were forced offline, but how much of a problem can they be?

AS LONG AS there are devices online, there will always be attacks made on them.

This week saw the latest examples emerge with Government sites and a few others being forced offline.

The type of attack, Distributed Denial-of-Service (DDoS), isn’t new but the frequency with which such attacks appear is increasing. It’s the most common type of attack because of how easy it is to carry out, but how much of an impact can it really have?

What exactly is a DDoS attack?

In basic terms, a DDoS attack overwhelms a site or service with traffic, causing it to slow down or go offline.

Such attacks have been carried out for as long as the internet has existed, and one is easy to carry out, either by having the required skills or by having enough money to pay for an attack, provided you know where to look.

A good way to think about it is to liken a site to a train. While trains are designed to handle both normal and rush-hour crowds, a DDoS attack sends a large crowd continuously pouring in without warning. If it becomes too much, it prevents the train from moving and stops people from travelling.


How are they carried out?

It does this through what is called a botnet: a set of computers and devices connected to the internet that contribute to an attack without their owners’ knowledge.

As part of the attack, these computers are infected by malware or a virus, giving an attacker control of them. The owners of these computers are unaware this has happened; the most they will notice is slowdown or crashing.

These computers, which can number anywhere from a few to hundreds of thousands depending on the attacker’s proficiency, can be used by those controlling them to target a site or service. Even if the attack doesn’t succeed, the source behind it is next to impossible to track down thanks to the number of devices used.

Sometimes botnets are referred to as a zombie army in that those computers affected have no control over what they’re doing, mindlessly sending traffic to the one target while it tries to defend itself.


Why are they carried out in the first place?

There are a few reasons, but they usually boil down to two big ones: activism and extortion.

In the case of activism, the founder of security consultancy BH Consulting, Brian Honan, explained that this could be done by targeting a large or prominent service, and using the attention to highlight a message.

“It can be used as a tool to promote your messages so they’re normally followed up,” he says. “[The group] claiming responsibility for the attack and why they’ve done it”.

Extortion usually happens by a group threatening a DDoS attack unless a fee is paid. For most commercial sites, downtime can have an adverse effect on day-to-day business and can result in lost revenue. An attacker can target a site, demand money under threat of a DDoS attack, and carry the attack out until the owners pay or figure out a way to counter it.

The cybersecurity services expert for Grant Thornton, Mike Harris, says such attacks are “making a comeback” compared to a few years ago.

“There are websites … [where] you can buy time and bandwidth and you can point it [towards a target],” he says. “It’s very straightforward to do with very little expertise”.

How big a concern are they?

They’re noticeable depending on the target but not at the same level as other cyberattacks that result in personal data being stolen. Honan says such attacks have been happening for a while; it’s just that they’re more noticeable now since the internet plays a major role in our lives.

“DDoS attacks are nothing new, they’ve been going around for decades”, says Honan. “What’s happening now is because we have more systems online and in a way, we’re more dependent on them, these attacks are becoming more visible”.

Yet the bigger problem is that more devices are starting to connect to the internet. While this was once limited to PCs and smartphones, the Internet of Things is now connecting everyday items like fridges, thermostats and other household items. While it offers greater functionality, it brings up its own major security issues.

Although it wasn’t an attack, a recent example saw the Nest thermostat deactivate in the US because of a software bug, leaving owners unable to change temperatures and heat up their home. If a bug can cause that much trouble, an attack can do worse.

A software bug caused many Nest thermostats (pictured) to deactivate. Similar issues may occur if they become the victim of a cyberattack.

“There is new technology, new services and new devices that are being created, installed and plugged into the internet with security being an afterthought, without security designed from the very beginning,” says Honan.

There is an onus on companies out there developing applications, services and solutions that they need to make sure they build in security at the beginning instead of making it an afterthought.

It’s a concern echoed by Harris who says what we could see now are industries, which traditionally never dealt with the internet, having to tailor their devices to cope.

“Industries that haven’t been dealing with security threats that the internet brings are now front and centre of those threats,” says Harris. “They’re not doing the things the IT world has learnt, to varying levels of success, to defend against these attacks, and that’s combined with organised crime working out how to monetise these threats”.

Most organisations prioritise functionality. [They ask] ‘Does it do what it’s supposed to do?’ instead of ‘Does it do things it’s not supposed to do?’

So it’s all doom and gloom, huh?

Not quite. While such attacks are easier to do, defences against them have improved and for every attack you hear about, there are many, many more that failed.

Unsurprisingly, the responsibility falls on companies and site owners themselves to have the necessary protection. It’s easier for larger corporations to fund, but smaller businesses should keep it in mind since such attacks can have a bigger impact on them.

“[DDoSs are] not too complicated to conduct,” says Honan. “Likewise if you have the right tools and services in place, they’re easy to defend against too”.

For businesses that are going online, they will need to sit down and look at what services they’re offering online and the potential threats they face and put the right protection in place … The same way you’re opening up a physical office, you need to make sure you have security in place.

Harris offers similar advice for smaller businesses.

“There are things organisations can do [like] have conversations with their ISPs (Internet Service Provider) about what protection they can get,” he says. “Often what you see is organisations won’t do anything until they get hit … and they don’t realise how important their website is to their business.”

Yet a DDoS attack isn’t the be all and end all for anyone, and while they can take sites offline, Harris puts the situation into perspective.

The world hasn’t collapsed. A couple of sites are knocked out. It’s not the end of the world.

18 Comments
    George Salter
    Jan 23rd 2016, 8:50 AM

    I’m more interested in why? The Lotto or the CSO are hardly important targets, in the general scheme of cyber espionage

    42
    Eibhlin Murphy
    Jan 23rd 2016, 8:52 AM

    Because they can..

    29
    Le Lapin Noir
    Jan 23rd 2016, 8:56 AM

    Sometimes they are done to divert attention while a more advanced and targeted attack is carried out. Although that’s just speculation, it could just as easily be an individual or group who want to cause the government a bit of grief.

    23
    George Salter
    Jan 23rd 2016, 9:05 AM

    Ok. It would be interesting to see what the “real” target was.

    7
    lavbeer
    Jan 23rd 2016, 9:11 AM

    The CSO were implicated in the deceit with eurostat and IW. So this might be a businessman with intentions to buy IW laying down a marker but likely it was Paul Murphy and Gerry Adams. Or so the fella with the two pints talking to Enda told me.

    15
    Le Lapin Noir
    Jan 23rd 2016, 9:13 AM

    They know that knocking out a website will divert the attention of IT admins and generate a whole load of noise. Same as in the physical world, if you can create a distraction for the people tasked with monitoring security a theft or other criminal act stands a much greater chance of succeeding.

    7
    lavbeer
    Jan 23rd 2016, 10:23 AM

    At least they can boast about the number of hits on their site. Tierney is trying to irish water added now.

    4
    Fran Rooney
    Jan 23rd 2016, 9:03 AM

    Let me guess, to be blamed on some crazed water protesters. I heard these water protesters operate out of hallowed out hills from the Wicklow mountains where they have several different command centers.

    7
    George Salter
    Jan 23rd 2016, 9:05 AM

    Hallowed lol

    8
    Jason
    Jan 23rd 2016, 9:10 AM

    Water water noise blah blah

    7
    Stephen Coveney
    Jan 23rd 2016, 9:58 AM

    Do you seriously think that someone will go to the effort of trying to hack someone else’s heating system?
    And we have strict data privacy laws to stop personal data being exchanged. Not saying it doesn’t happen but it’s not as widespread as you make it out to be. Nice fearmongering though.

    6
    George Salter
    Jan 23rd 2016, 10:58 AM

    “If you don’t send us a fiver, you have no heat”. In, say, Canada. .. (-20°), this is not an idle threat.

    6
    Declan Kilcourse
    Jan 23rd 2016, 9:28 AM

    While the ‘internet of things’ offers greater control and convenience to users, it also exposes users to greater risk. There could be a coordinated attack on a given geographical region or device – imagine that during a snow storm (as the US is experiencing) a hacker could potentially shut down your heating system. Fridge companies selling your eating habits data to food retailers without your consent or even your living routine data being monitored, reported on and sold to the highest bidder!

    4
    Armin Tamzarian
    Jan 23rd 2016, 9:11 AM

    They are buildings owned by the Government, but that’s not important right now.

    3
    George Salter
    Jan 23rd 2016, 9:14 AM

    I fail to see the relevance. They are owned by the state, btw. The difference is important.

    2
    leartius
    Jan 23rd 2016, 12:26 PM

    I can see the future, good old Denis has bought a software company at a knocked down price. Yes it’s getting clearer, the taxpayer will pay his company millions to develop some software that you could buy over the counter at any computer store then we will licence this software to good old Denis and co. At an inflated price this software by law will have to be installed on all computers in Ireland. It won’t fix any bugs, just continue to create another windfall for unnamed investors in another offshore company. Let’s keep the gravy train going.

    1
    Bren MC
    Jan 24th 2016, 12:33 PM

    DDoS is very simple: you’re in a restaurant with 4 staff; think of the staff as the backend servers. The system as it operates works fine. Now there’s 100 people there and for some strange reason they all shout their orders; the staff can’t keep up and confusion ensues. The staff get fed up and walk out, leaving the people shouting.

    The TCP/IP system can usually handle 1000 requests, but in a case like buying tickets for major concerts, like on Ticketmaster, this happens normally.

    The creepy part is that in order to do the DDoS the hackers have to compromise people’s computers. Your laptop could be part of that operation and you would not know it.

    1
    Deяek ツ
    Jan 24th 2016, 11:08 AM

    These can be prevented easily, they just don’t have the right staff in their IT department or they’re just not bothered

    1