Dyn’s DDoS Attack – What it Means for the Cloud?
Prominent websites like Twitter, Netflix, Airbnb, and Spotify were having sporadic problems since Friday, thanks to a Distributed Denial of Service (DDoS) attack on Dyn’s servers. Dyn is one of the largest ISPs in the world, so an attack on its servers meant a significant chunk of DNS (Internet’s address directory) went down. DNS is something similar to a phone book, and it allows users to connect to different websites and applications. Thus, when the DNS servers were attacked, users could not connect to certain IP addresses.
In most DDoS attacks, the information is intact, but temporarily unavailable. But in this case, Dyn’s core Internet infrastructure was hacked, so any organization that is directly dependent on Dyn or a service provider that uses Dyn’s servers were affected.
Besides websites, a whole lot of Internet of Things (IoT) devices that are hooked to the Internet were also affected. Cameras, baby monitors, and home routers are some of the devices that were affected by the outage. Also, corporate applications that are used to perform critical business operations were affected, thereby raking up huge losses for different companies.
Out of these companies, the ones that were worst-affected are those that rely on SaaS for critical business operations. This attack, in many ways, exposes the vulnerability of cloud computing, and the consequences of depending on third-party servers for the most critical of operations. Had these companies used multiple DNS providers or if they had stored their critical business applications in local servers, the impact of such an attack would have been greatly negated.
Going forward, what does it mean for businesses that depend on the cloud?
First off, this is a complex attack that is believed to have been done by a large group of hackers. The nature and source of the attack is still under investigation, so at this point in time, it’s hard to tell who’s behind the attack. But such complex attacks can’t happen every day as it requires enormous amounts of planning and coordination. That said, Verisign came up with a report recently that showed a 75 percent increase in such attacks from April to June. How much of it translated to loss for companies? Only a miniscule when compared to the direct security attacks that companies face.
Secondly, we’ve come too far ahead with cloud, to imagine a world without it. SaaS, PaaS, and IaaS have become integral aspects of businesses, and the benefits that come from it are enormous as well. So, compromising on the huge benefits for a rare attack is not a sound decision.
From the above argument, we can say that this DDoS attack is not going to change the cloud market overnight. However, it will make users more aware of the vulnerabilities of the cloud, so they will be better prepared to handle such situations in the future. This is also a good learning experience for companies like Dyn, as it’ll look at ways to beef up its security arrangements.
In short, though the DDoS attack was dangerous and widespread, its impact on cloud may be minimal because the benefits from cloud are huge, and such attacks are seen as rare instances when compared to direct attacks on large companies.