Joe Hancock comments on latest cyber attack

Posted on 24 October 2016

Joe Hancock comments on latest cyber attack

Last week, a series of cyber attacks took place, affecting sites such as Reddit, Twitter, Etsy, Github, SoundCloud, Spotify and many others.

Joe Hancock, Cyber Security Lead at Mishcon de Reya, explains how the attacks took place and how they could be prevented:

"The attacks on Dyn, part of a service that translates internet addresses into human, readable form, came from an attack network nicknamed Mirai. Mirai is in part formed of hacked 'Internet of Things (IoT)' devices – these include TV's, digital CCTV cameras, home broadband routers and other commercial devices.

"Many of these devices have poor security, with unpatched, out-of-date firmware; easily guessable or public passwords; and other low-security practices. As IoT devices continue to grow in number and popularity, the level of security in them should be increased. This is difficult to do cheaply and is especially difficult for devices reliant on batteries for power. As security increases in personal and business systems, attackers will look for the weak link – meaning the TV in your house may be the next target, rather than your laptop or phone.

"These devices also have access to private and personal spaces. With poor security comes a potential for a breach of privacy, and when the system is a digital home CCTV camera this may be the psychological equivalent to being burgled from thousands of miles away.

"The need to balance the security of cheap, consumer devices with the advantages they bring to our lives and businesses will be a challenge for many device manufacturers in years to come and may only be solved by regulation.  

"Device manufacturers are today incentivised to reduce device cost, and consumers want simplicity and ease of use – we may need the government to help the industry drive the right levels of interoperable security for all of these devices."