Wow! Just when I taught I had seen everything concerning cybercrimes, I am thrown off guard and cybercriminals are using new tactics to ramp up their attacks. I don’t know if you saw the recent distributed denial-of-service (DDoS) attacks launched against services like OVH or Akamai, but those are quite scary.
The attack against OVH for example is just plain crazy. The cybercriminals are literally using the Internet of Things (IoT) to make their DDoS more effective. The cyberattackers are generating requests by going for unsecured webcam connected to the Web. In other words, they are using connected devices that are part of the IoT to conduct their attacks. This generates traffic of more than 1.2 Tb per second on the OVH servers. During peak time, the attack can reach around 1.5 Tb per second. That is an insane flow of data to defend against. And the major problem is that it won’t be going away tomorrow.
The IoT and the Unsecured Web
Such problems won’t be going away so easily for three major reasons. First, the harsh truth is that many IoTs just aren’t secured. Their architecture aren’t developed with security in mind. They are designed for their usability, but not to provide security. Yeah, again, security doesn’t seem to be sexy enough for the tech market.
The second reason revolves around the user. Many users are buying those new connected devices happily and without any second thought. Considering that “1 2 3 4 5 6” is still one of the most commonly used passwords, it’s safe to say that the consumers aren’t always the most disciplined when it comes to securing their devices.
Finally, it is evident that IoTs are becoming increasingly popular as the market is bringing more and more connected devices to consumers. Considering the two previous points, this can only mean that it has a multiplying effect on the number of potential vulnerabilities on the Web. Not only are there more targets to attack, but there are also more devices to gather and use against other potential targets.
Recently, Bruce Schneier, internationally known security guru, wrote a really frightening article about some folks out there who were literally trying to take down the Internet. Well, looking at the type of attack OVH is facing right now, I can only agree with Bruce Schneier’s article. The deep dark corners of the web is a breeding ground for very nasty things and it is bad, really bad.
What Can We Expect Next?
What is the next frontier of cybercrime? Well, right now, we are seeing a lot of automation. Most of the DDoS are conducted automatically by systems that are managing a big part of the job on their own. For example, some machines are constantly scanning connected devices to unveil risks of being infected by well known vulnerabilities.
So, the next logical step to those kinds of cyberattacks is the integration of artificial intelligence (AI), it pushes the boundaries of automation logic forward. In the near future, there will probably be a machine that will not only scan the Internet for potential targets, but will also be capable of different means of attacks to detect potential and adapt to new vulnerabilities.
You might think that this is something that we only see in fiction? Well, maybe you should check into the Defense Advanced Research Projects Agency (DARPA), which are currently experimenting the integration of artificial intelligence in cyberattacks through contests.
In the near future, the Internet could be in some kind of perpetual cyberwar where machines would fight against machines constantly in a never-ending battle to control systems. This is a scary thought, but it is dead on dangerous. Building systems rigged only to harness computational power for an ever-growing computer AI, doesn’t sound like a popular movie we all know…
When I watch this, I have to say that I agree with Elon Musk when he’s warning us that it is almost like building Skynet. Especially in the current situation where we are putting ourselves in a constantly increasing situation of dependence to the Internet and connected devices. To quote Cypher in the Matrix movie: “Buckle your seatbelt Dorothy, because Kansas is going bye-bye”.