It's dark on the streets. Twitter, Facebook, and Gmail... they have all stopped working. Nor is it possible to use online banking services. Or make any phone calls. A car is burning in the distance. You can hear your neighbour crying through the icy wind. The internet has been hit by a cyber attack. The whole of the Netherlands has shut down. Is this complete nonsense? Or could this really happen?
Your first impression would be to think that this scene has come straight out of a film without any basis in reality. An attack on such a scale has never ever occurred. Almost all the data centres in the Netherlands would have to be under attack simultaneously to have such an impact. How could something like this be coordinated? Where would the attackers get their computer capacity from? In addition, all those data centres would have implemented a range of security measures precisely to ward off such attacks. In other words, it's complete nonsense.
Nevertheless, an attack on the internet in the Netherlands isn't really such a strange notion. Developments are being made in the area of DDoS attacks, in which the network is flooded with traffic. At present, such attacks do not usually exceed more than 10 Gigabits of traffic per second. Moreover, many of the attacks are targeted at specific web applications, which means that relatively little traffic is required. However, things are set to change.
The arrival of the Internet of Things (IoT) has brought with it a large number of new devices, which often have poor security, if at all. According to a study conducted by HP, 70 percent of the 'Internet of Things' is at risk of being hacked. All these devices could then be incorporated into botnets and used to launch a DDoS attack. In other words, the capacity of DDoS attacks will increase exponentially in the near future. Although limited to several Gigabits for now, DDoS attacks in the future will have a volume of dozens of Terabits per second.
<h2.paralysing the="" internet="" for="" fun<="" h2="">
Add to this the fact that internet criminals are becoming increasingly professional, compared to what were usually amateurs in the past. However, these amateurs do still exist. Last year, for instance, fifteen-year-old Robin W. from Ruurlo was the 'leader' of the DDoS attack on the Dutch internet provider Ziggo. If a script kiddie can shut down a network for fun, just how much damage could a 'professional' do?
Even more of a danger are the criminals who have been active in recent years selling DDoS attacks. In addition, hackers are increasingly becoming politically motivated. A good example is Anonymous, a hacker movement that paralyses a company every once in a while because of something they do not agree with. And there is also a rise in the number of governments making their presence known on the internet. Countries have a lot more money and resources to set up a sophisticated large-scale cyber attack. Paralysing a country's network isn't really an interesting job for money-grabbing criminals, but for politically-motivated individuals from terrorist organisations it can be a serious goal.
In the future, we can expect to see DDoS attacks launched by terrorists on a huge scale. Would the Netherlands be able to defend itself in such a situation? Possibilities are currently being explored to 'disconnect' the Netherlands from the rest of the internet through the 'Trusted Networks Initiative'. Should the rest of the world then go under, the Netherlands would be as safe as Noah's ark.
We also have scrubbing centres in this country that can filter out the traffic from DDoS attacks. Previder itself has become a participant in the NaWas (National anti-DDoS Scrubbing Centre initiative). Although the centres have adequate capacity at present, there is a limit to the amount of traffic that can be filtered. The question is whether the Netherlands is sufficiently prepared.
What can companies themselves do?
There are also measures that can be taken by companies. Admittedly, if the internet is shut down, your competitors will be too. But it can certainly do no harm to ensure that your company will be able to retain access to its business-critical data and applications. Do you, for instance, have a direct connection to your data centre or cloud environment? Could you continue working if the internet were to shut down completely?
It might seem excessive to protect yourself from a cyber attack by the Islamic State, but it is certainly a useful exercise to examine your company's capability of withstanding and coping with a cyber attack. Because one thing is certain, we can expect bigger and more frequent cyber attacks to happen in future.