Data Privacy & Security Service Digital Digest Winter 2016

Data Privacy & Security Service

Issue 7

Recent Events (Continued)

Data Privacy and Security Service Digital Digest Winter 2016

October 21, 2016 DDOS Attack

On October 21, 2016 a significant DDOS Attack occurred against DYN, a provider of DNS services for websites in the United States. This DDOS attack led to many web- sites to appear offline. The map below shows the scope of the impact of the DDOS on internet users. In many regions, the internet appeared unusable for several hours until DYN was able to mitigate the DDOS attack. The attack itself was carried out using basic devices connected to the internet. They include DVR’s, Blu-ray play- ers, TV’s, Webcams, etc. These devices are connected to the internet and have ex- tremely weak security protections. The attack is an example of the vulnerability of the internet and our reliance on it. It serves as an example to be used with staff about having backup and alternative plans available. It is likely that this attack impacted teachers who had planned les- sons utilizing affected websites. Additionally, for technology personnel it can be used as a case study in mitigating a DDOS attack and having an appropriate response.

For Further Information Contact Your Local RIC. Click here to find your local RIC contact

For Subscribers to Service:

Digests & Archived Digests D 3 —Digital Digest Debrief

Inventory Tool

Information Security Online PD for Teachers

Image used with permission from WikiMedia .

Digital Blasts

Summary of Attack:

For more on how the attack was carried out and what it means visit this site .

For details on the devices used in the attack, visit here and here .

Ways to Respond and Mitigate DDOS:

Sophos has some helpful suggestions on what all users can do to help prevent fu- ture attacks. What should you do if you are under a DDOS attack? Visit these sites for helpful tips:

 Access to password protected resources on the RIC Data and Security website: http://www.nysdsp.org  Data Privacy and Security Professional Development

The 5 Essentials of DDoS Mitigation

How to defend against the internet's doomsday of DDoS attacks

5

Made with FlippingBook - Online Brochure Maker