The Threat of North Korea’s DDoS-driven Cyber Attack

With all the news headlines about tensions with North Korea lately, I’ve been wondering whether that country would launch a cyber attack on the United States. And, sure enough, I’m not the only one pondering that possibility. Recently the Washington Times posted an article on this subject. According to the article, Homeland Security Secretary John Kelly stated that North Korean dictator Kim Jong Un is more inclined to direct hackers against American cyber targets in lieu of deploying a more traditional arsenal.

The article reminds us that North Korea was widely suspected in the 2014 Sony Pictures hack. The attack on Sony Pictures was small potatoes compared to the havoc that a distributed denial of service (DDoS) attack can create when it hits a major network; the 1.2 Tbps DDoS attack on domain name service provider Dyn in October 2016 is still relatively fresh in our memory. What would have happened if that attack had targeted the New York Stock Exchange, or a major metropolitan transit system? Even a lesser attack, on a major national bank for example, would be more than just an inconvenience.

Experts are unsure whether a utility grid would collapse under a DDoS attack; the prospect seems unlikely, given the distributed nature of utility grids. But that doesn’t mean nation-state hackers won’t try. Just over a year ago, Iranians were indicted for launching DDoS attacks on a New York water dam and dozens of banks.

Everyone knows that even someone with limited IT skills can launch a DDoS attack, or, if they want to outsource the job, they can pay a DDoS-for-hire service to do their dirty work. Last week a UK teenager was jailed for building the Titanium Stresser, which he and many others used to launch about 1.7 million DDoS attacks worldwide. If the North Koreans, or anyone else for that matter, want to launch a DDoS attack, they easily could.

We can rest assured that the U.S. military is aware of these threats, but we cannot rest assured that the enterprises that are subject to DDoS attacks are well-prepared to defend against them. At the RSA 2017 conference a couple of months ago, Corero surveyed IT security professionals and technology decision makers, and 40 percent reported that their organizations are experiencing DDoS attacks on a monthly, weekly or even daily basis. Of those surveyed, 58 percent still use home-grown or traditional solutions to mitigate such attacks; that’s a troubling statistic, because such solutions are hardly effective.

Of course, there are many kinds of cyber threats, but DDoS attacks are some of the most potent in terms of crippling crucial Internet systems. Here’s hoping that North Korea won’t launch any attacks, cyber or otherwise.
