The US is still under attack! The cyber-influence campaign on the American elections is another success

(By Ciro Metuarata)
24/10/16

As noted by many observers, we are witnessing an escalation in the world of cyberwarfare that is revealing scenarios so far only hypothesized.

After the attack on the Democratic National Committee (see the Difesaonline article), last Friday other limits considered insurmountable were broken: for several hours the American web was blocked, and the consequences are neither confined to the IT world alone nor limited to US borders. On the contrary, if we put together the pieces of the mosaic, we can glimpse global and very concrete consequences: it was another attack on the American democratic system.

Many details of the attack are not yet known (and who knows if they ever will be ...), starting with the identity of those who launched it and the real repercussions suffered by the US system. However, some considerations can be ventured, and all of them allow us to affirm that we are facing a resounding event that will give a further "shock" to cyberspace.

The claim made in a Wikileaks tweet is not considered reliable and is in any case too vague to be taken seriously. Therefore, in order to attribute the attack, we must rely on the investigations initiated by the US authorities.

The attack itself was based on a well-known technique: choose a target and identify its vulnerabilities (not necessarily only technological ones); infect hundreds of thousands of devices by exploiting known or newly discovered vulnerabilities, using malware (malicious software ... damned creators of acronyms!) that is either specially built or, more realistically, adapted from one already available on the black market; then, at a precise moment, have all the infected devices simultaneously "bombard" the target with data until it is literally overwhelmed.

This is the technique known as Distributed Denial of Service, implemented using botnets (robot networks), that is, virtual networks (nets) of Internet-connected devices (robots) over which the attacker has gained full control without the users' knowledge (such devices are called zombies ... just to stay in the Halloween mood). All in all, a fairly conventional scenario. But it is not so.

In last Friday's attack, at least three new and striking characteristics can be recognized.

First: the target was one of the companies that, in the USA, provide a very important, indeed critical, service for the functioning of the Internet.

Second: thousands of so-called "smart" devices (irony of fate!) connected to the Internet were "enrolled" in the botnets. We are not just talking about personal computers or mobile phones, but about the so-called Internet of Things (IoT), that is, cameras, alarm control units, thermostats, refrigerators, ovens, cars, etc.

Third: the context is that of the election of the next US President. Let's analyze these three factors.

For the first time, an infrastructure classified by the US authorities as "critical" was hit so blatantly. The company affected by the attack, in fact, provides the Domain Name System, that is, one of the systems that allow everything connected to the Internet to communicate online. Interrupting the service provided by this system means effectively interrupting the functioning of the portion of the Internet that relies on the target company (in this case the East Coast was particularly affected). The US system (authorities and companies), therefore, was not able to defend one of the pillars on which its network rests. Among other things, in addition to the reputational damage, it would be interesting to have an estimate of the economic damage caused both to the company concerned and to the companies that own the websites that for several hours were unreachable by users and smart devices.

Furthermore, for the first time, the IoT, the Internet of Things, was massively exploited. Many experts agree that the digital revolution we are experiencing could be put at risk by a strategic error: in the development of hardware and software, security has been neglected and still is, in favor of mere economic return. In practice, borrowing the commonplace Italian adage "we'll put a patch on it later", companies all over the world have sold us products full of vulnerabilities, limiting themselves to remedying them, with more or less short response times, by releasing security updates, almost always after an attack has been successful. And this time the attacker exploited this situation "hands down".

Finally, the third element, perhaps the most relevant: just a few hours before the attack was launched, on the occasion of the latest TV duel between Trump and Clinton, the Republican candidate cast a disturbing shadow on the regularity of the upcoming elections. After these statements, a few days before the vote and after what happened on Friday, how should the average American voter feel, knowing that in 31 states of the federation and in the District of Columbia voters abroad (including the military) vote using the Internet, while in Alaska this applies to all citizens? We are once again facing an attack on the heart of the US: is the voting system really reliable? There are too many coincidences not to venture the hypothesis that someone is taking advantage of every opportunity offered by the two candidates to create serious interference in the US elections. In America they have noticed, while in Italy it is thought that these attacks, after all, are only nerd stuff that does not concern us.

One last reflection. Some time ago the giant Intel acquired the company McAfee: the leading processor manufacturer (the processor being the heart of every IT device) acquired one of the most prominent companies in the IT security market. What does it mean? That someone is betting that the success of the IoT will depend above all on the ability of hardware and software manufacturers to make their products intrinsically secure. The consumer, sooner or later, will finally be aware of the risks associated with the use of the Internet and will therefore increasingly rely on manufacturers who put profit and security assurance on the same footing. Indeed, some will make security the added value of their products. Those who understood this in time, as Intel did, have done well. Anyone who still chases events by producing security patches will probably disappear from the market.
