Each week we bring you some of the top news in cyber security from around the globe. This week truly circumvents the great sphere, from such diverse corners of the globe as the UK and China. What’s more, there’s a theme this week—a theme of breaking things.
So grab that hammer and let’s get smashing.
First Stop: Breaking Laws
So maybe this one isn’t a physically broken object, but someone might be about to get a little roughed up: an 18-year-old student in the UK charged with running criminal DDoS activity.
Distributed denial-of-service attacks hijack the internet of things (IoT, internet-capable devices), turning them into a robot army that attacks a server or website or otherwise disrupts system operations of the target. They can cost companies millions (more on that later). But who helps the DDoS attacker if he needs IT support?
Apparently, this guy: Jack Chappell. He’s being charged with supplying DDoS service, even running an online helpdesk for cyber criminals, to attack companies like Netflix, Amazon, the BBC and more. Some of the biggest recent DDoS attacks essentially crashed the internet. That means kids like Chappell, and about twenty teenagers throughout the UK accused of similar DDoS crimes, have made a number of enemies.
In an attack of that nature, no actual theft occurs. However, Chappell is being charged under the Computer Misuse Act, since DDoS attacks do disrupt company operations and therefore can cost companies money, as well as create agitation for customers.
Second Stop: Breaking Bank
Speaking of cost, how’s this number: $1.6 million. That’s the average cost to a bank when hit by a DDoS incident. For other types of businesses the average cost is still high, but not quite seven figures, only $952,000. Those numbers come from a joint study conducted by Kaspersky Lab and B2B International.
It turns out, DDoS attacks are more expensive to companies than most other types of security breaches, even more so than malware. The most expensive component to recovery from a DDoS attack has to do with brand reputation: when word breaks of a major cyber security breach, it can cause changes to credit and insurance ratings.
Some other interesting data for smaller companies: paying the overtime to combat a DDoS attack is another major expense. Also, companies who have suffered one, frequently report plans to add personnel to their IT department.
Better late than never?
Third Stop: Breaking through a Wall
Speaking of things that seem late, our third story this week in the land of recent cyber attacks takes us to the other side of the world, home of the Great Wall.
Sure, China has a physical Great Wall, built to keep out “barbarians” to the north, and famously visible from space. No, this is the invisible Wall of China: the Great Firewall meant to keep Chinese citizens from seeing anything on the internet that the government doesn’t approve of things like Facebook, YouTube, and the like.
Chinese citizens have used VPN (virtual private networks) to circumvent the wall and access banned content. Such tools were readily available for iPhones and other popular devices, and the Chinese government basically looked the other way. Well, not so much anymore. The Ministry of Industry and Information Technology, which regulates internet access in China, has started to crackdown on popular VPN’s.
Soon, if you want to watch YouTube, you may have to leave China.
Stay tuned for next week when we bring you more cyber security news: same Bat-channel, same Bat-time.