On October 21, 2016, the U.S. was the victim of a massive, malicious and blindsiding assault—without a foreign machine gun, grenade launcher or tank so much as touching American soil. How is that possible? Because we’re not talking not about a physical attack, but about a cyber attack. And here’s the worst part: While this recent event might have been the largest of its kind to date, it’s not going to be the last.
Understanding the Attack
So how did cyber attackers manage to take down the internet? That’s where it gets really scary. They used malware to infect the personal devices of hundreds of thousands of unsuspecting people, then used them to flood a middleman website, Dyn, with so much traffic that users were unable to access their online destinations, including prominent websites like Spotify, Amazon, Twitter, PayPal and Netflix. A Dyn spokesperson described the attack, which was conducted in three waves throughout the day and involved “tens of millions of IP addresses all hitting Dyn servers at the same time,” as “well-planned and sophisticated.”
The disruption wasn’t just inconvenient, it was also costly. According to CNN, the attack may have amounted to as much as $110 million in lost revenue and sales for the impacted businesses.
Not If But When
Senior officials have been warning stakeholders for years about the imminence of a “cyber Pearl Harbor” attack. And while putting odds on a major event is difficult given the exponential increases in smaller incidents, according to information resource for federal technology decision makers Nextgov, it’s not a matter of if but when. Nextgov further cautions that when it does happen, “the first major cybervent against the United States could be a one-in-2 million incident or a one-in-10-trillion incident.”
Are You Ready?
All of which begs the question: Is your organization prepared for a cyber attack? If not, you may be putting your business unnecessarily at risk. Because not only are cyber attacks happening more frequently and with more ammunition behind them, but cyber attackers are also getting smarter, which means businesses need to be smarter, too.