By Marisa Jackels, Fargo INC! Contributor
Featured photo by Paul Flessland
By now, you’ve heard the news. Major sites such as Twitter, Spotify, Amazon and Netflix suffered server issues in late October due to a massive hack against internet- management provider Dyn.
Honestly, though, this isn’t anything new. In fact, cybersecurity experts have been talking and warning about these kinds of security breaches for years.
One of those people is North Dakota University System Chancellor Mark Hagerott. Hagerott has spent much of his career working with government and education systems in the eld of cybersecurity. Most recently, he served as deputy director of the Center for Cyber Security Studies at the U.S. Naval Academy.
And what he sees is a lack of awareness around cybersecurity. He calls the digital world the equivalent of the “lawless Wild West.”
During the Dyn attack, we got a glimpse of just how massive this Wild West can be. And, as this headline implies, you might be playing an unwanted role.
Mark Hagerott is North Dakota University System Chancellor.
The Internet of Things
Let’s take a closer look at the attack. What we saw was a distributed denial of service (DDoS) attack, which means it came from multiple different servers. Usually, these are controlled by hundreds of hackers—as in, actual people on their computers. But with this attack, it was determined that these servers were controlled by a new, foreboding strength: the strength of the Internet of Things (IoT).
The Internet of Things, or if you want to sound real tech-savvy, IoT, is basically the collection of all machines that are connected to the internet. And there are A LOT.
In 2016, there are an estimated 6.4 billion devices connected to the internet. By 2020, research company Gartner predicts there will be at least 20.8 billion devices (and that is on the conservative end of estimates, as some predict the number is closer to 50 billion). Pair that with the ability to control parts of the internet, and you begin to see what we are up against.
“(The hack) looks like it was a DDoS using basically zombie bots,” Hagerott says. “We have all these things connecting to the internet. They can communicate and send signals to each other. And if a virus gets in there, they can basically become a robot army.”
Yeah. Scary. And it gets scarier.
If you own a smartphone, a laptop, a smart watch, or any other “smart” device that can connect to the internet, your personal devices are a part of the Internet of Things. Which means that any of those devices is available to be “enslaved.” And here’s the freaky part: You might not even know it.
Hagerott paints the picture. There is something called the “dark web” where a lot of sketchy activity takes place. And in this realm, there is headhunting for devices that can be used to commit criminal activity. So basically, some dark-web hacker could get access to your device and then rent it out to someone else to use to hack into a random computer in Brazil, as an example.
“People get rich by finding machines, taking control—you would never know—and then someone rents it from this guy,” Hagerott said. “All you would experience is that your machine is slow for a few hours because it’s being used to attack.”
In the case of this attack, Hagerott says most of the machines were identified as coming from outside of the United States. But it is conceivable, he says, that “people’s own computers or own refrigerators—if they’re on the internet—were part of the attack.”
In 2016, there are an estimated 6.4 billion devices connected to the internet.
Digital to physical
While this attack was more of a nuisance, in other instances, digital war has been devastating.
In Saudi Arabia, for instance, 35,000 computer hard drives were completely wiped by hackers in a massive attack in 2012. Target and Yahoo have also been recent victims, resulting in millions of credit-card numbers exposed and hundreds of millions of accounts stolen.
Perhaps even more frightening is the realm of politics. The cyber activity in the 2016 presidential election is “unprecedented,” Hagerott says. It illustrates how cyber activity has the potential to impact who gets into office and how entire countries are run.
As an example, he points to Alaska’s voting system in 2014, where they launched the first internet voting system. Cybersecurity experts across the nation warned that the system was riddled with flaws and would be an easy target for foreign entities to control a spot in the US Congress. Alaska did it anyway.
“They went ahead to internet-based voting that was shown to be vulnerable,” Hagerott said. “China could have gone in and picked the Alaskan senator to win.”
It’s not hard to imagine how this could affect politics on a larger scale, and unfortunately, the democratic system that is considered a strength of the United States is a weakness in the cyber world. Because each state has their own voting system, they can be easily hacked—as was the case iAlaskaka.
“People don’t understand that we have cyber superpowers like China and Russia,” Hagerott says. “Could the state of Wyoming stand up against a power like Russia? I don’t think so.”
So what do we do?!?
All of this can sound foreign and frightening. The digital world may seem like another dimension with terms like “cyber armies” and “digital wars” that sound like something out of a sci- movie.
But as we saw this past week—and as we have been seeing slowly but surely over time—this is no longer something we can ignore. After all, as users of internet-connected devices, we are all part of the digital world.
Take solace in the fact that there are “good guys” out there in the cyber world, too. Initiatives like Google’s Project Shield, for example, are working to protect DDoS attacks like the one we saw in October.
But the most effective way to respond, Hagerott said, is with individual awareness.
“Start reading up on cybersecurity,” he says. “Be careful what you click on. Start educating yourself. A lot of this is equivalent to a militia and to having a rifle hanging above your replace. You have to keep your powder dry.”
To start learning more about cybersecurity, here are some recommendations:
“We Are Anonymous: Inside the Hacker World of LulzSec” by Parmy Olson
Krebs on Security
Thorough articles on the state of the cyber world
Find Mark Hagerott’s talk on cybersecurity from TEDxBismarck, “Searching for a Theoretical Framework for the World Now Emerging,” on YouTube.