Today, the Internet experienced - and in some cases, is still experiencing - a massive Distributed Denial of Service or DDoS attack, impacting major sites and services like Amazon, Twitter, Spotify, and Netflix. Websites of news organizations such as CNN, Wired, the Guardian and Fast Company were also affected.
These attacks are not new. A DDoS attack occurs when a web service is intentionally inundated by a flood of traffic. In these instances, devices are hijacked to overwhelm the target with data. These networks of hijacked devices are known as botnets.
The threats we see from this DDoS attack as well as many others, such as data breaches and ransomware incidents, are what we aim to help people and businesses prevent through our education and awareness efforts. We do this all year round, and especially in October during National Cyber Security Awareness Month.
This attack in particular touches on one of the core concepts that we believe in cybersecurity: that every measure you take to be safer online makes the Internet more secure for everyone else. Devices that may not have up-to-date software or inadequate protections built in, or have weak passwords or credentials, are the ones that are hijacked for these kinds of attacks.
NCSA encourages people and business to implement the most basic cybersecurity hygiene and sound online practices for themselves and for others, such as:
- Lock Down Your Login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.
- Keep a clean machine: Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.
- Personal information is like money. Value it. Protect it.: Information about you, such as purchase history or location, has value – just like money. Be thoughtful about who gets that information and how it’s collected by apps and websites.
- When in doubt, throw it out: Cybercriminals often use links in email, social posts and texts to try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
- Share with care: Think before posting about yourself and others online. Consider what a post reveals, who might see it and how it could be perceived now and in the future.
Visit Staysafeonline.org or stopthinkconnect.org for more information