This past Friday saw one of the worst cyberattacks since, well, ever. It’s very early days and information is hazy. I’d like to summarize some observations in the moment, then add tentative reflections on education.
A massive distributed denial of service (DDoS) attack targeted a little-discussed but widely used company, Dyn. Dyn handles Domain Name System (DNS) service for a lot of web-based companies and services, including Netflix, Visa, Amazon, Twitter, Spotify, PayPal, BBC, the PlayStation Network, Reddit, Squarespace, SoundCloud, GitHub, Pinterest, and Box, all of which suffered outages on Friday. (My wife and I couldn’t reach our local banks for some time.) The means of attack involved a network of tens of millions of machines, possibly infected and organized using the open source Mirai program.
Does “a massive attack on domain name servers” sound familiar? A month ago security guru Bruce Schneier warned that such attacks were being readied.
Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state.
Was he right about the source? Did China (Schneier’s estimate in September) or Russia (say) launch this attack, possibly to preempt America’s apparent retaliation for *another* cyberoffensive? The onslaught was definitely US-centered.
Alternatively, the source could have been a small group of hackers irked by a Dyn researcher’s presentation on new developments in DDoS. It’s a fascinating time to be alive, when we can’t tell if the world’s superpower was just semi-paralyzed by a nation state or a group of irate coders.
Another note: this attack used many networked devices other than desktops and laptops. Indeed, this looks like the first internet of things (IoT) cyberattack. Looking ahead, we should expect more attempts to exploit IoT vulnerabilities.
What does this mean for education?
To begin with, some number of colleges and universities lost some degree of internet connection. I don’t have access to solid data, but heard from several CIOs and IT leaders that their communities couldn’t access certain services. Obviously this is a serious problem.
There is now a greater perceived need for security strategies to be ramped up. Insurance companies may incentivize institutions to take greater steps. IT departments may be better positioned to expand their security resources. I wouldn’t be surprised to see greater emphasis on improving user security skills.
Related: the attack is going to be great fodder for campuses to create or expand cybersecurity majors, courses, and programs. Computer science departments, security programs, etc. will look even more significant. Savvy political science departments will engage
The desire to explore IoT devices for educational, research, and student life purposes could be chilled by this.
What educational implications are you seeing?
(thanks to Facebook friends and Metafilter discussion)