As the finale of the show’s second season approaches, security experts from across the IT industry have picked their top hack from the series, and offered some advice on how to protect against it.
“Every second counts in a DDoS attack” Wieland Alge, VP and GM, EMEA at Barracuda Networks:
When E Corp suffered a DDoS attack at the hands of fsociety, the fictional multinational’s critical applications were crippled. Even with Alderson’s expertise and a private jet to get the team direct access to the data centre, the attack lasted around five hours. This might sound like a relatively quick recovery time, but a 2015 IDC survey found the average cost of critical application failure was between £375,000 and £750,000 per hour, so every second of downtime counts.
The recovery time in Mr. Robot’s DDoS attack is quite realistic if the firm is well prepared. In reality, DDoS attacks are far more difficult to defend against. Typically, they are carried out to blackmail organisations and the attackers won’t stop after the first wave is blocked. In this case, the hacker launches a second wave, perhaps using a slightly different type of attack. This process goes on until the victim negotiates or agrees to the attacker’s demands.
The key to effective DDoS protection is the ability to distinguish real users from malicious requests so that suspicious traffic can be blocked or challenged, but this is not easily done. The first challenge is to detect the nature of the attack. Then, firms must respond in a way that blocks the meaningless traffic.
The three most important layers of defence are the ISP, the next generation firewall and the web application firewall, as each of these can protect against different types of DDoS attack. Unfortunately, companies have historically underestimated the importance of a web application firewall, which led to a spike in application-level DDoS attacks.
“Smart homes without identity management open your doors to havoc” Simon Moffat, senior product manager at ForgeRock:
Imagine coming home after a long day at work to your ultra-modern smart home, ready to unwind, only to be driven out by a hacker who has taken control of your house. This was a reality for Mr. Robot character Susan Jacobs, who had her thermostat, lighting, TV and audio system and garage doors hijacked by malicious attackers.
Like most consumers, Jacobs probably thought connected devices empowered her to have more control over her home life. In reality, modern IoT continues to be defined by complexity, which leaves it open to cybercriminals and privacy intrusions. While manufacturers focus on end user experience, there needs to be a more joined-up approach to security and privacy, including a strong focus on device, service and user identity management.
Without device-focused identity and access management, the Mr. Robot scenario could become closer to fact than fiction. The major problem facing the smart home is that there is no correlation between the identity of the homeowner and the identities of the various smart systems, if those smart systems have identity capabilities at all. It is essential that connected systems have the necessary registration, sign-in and pairing processes that people have.
In terms of security, the pairing relationship between a device, a person and a cloud service must be continually monitored, so that only the homeowner, or a third party trusted by the homeowner, can control the devices and the data they hold.