Caribbean Region Faces Serious Cyber Security Threats

Carlos Martinez, Chief Technology Officer, Latin America and the Caribbean Internet Addresses delivers a presentation on regional cyber security at Internet Week St Maarten in Philipsburg on October 24, 2016. Photo: LACNIC — Carlos Martinez, Chief Technology Officer, Latin America and the Caribbean Internet Addresses, delivers a presentation on regional cyber security at Internet Week St Maarten in Philipsburg on October 24, 2016. Photo: LACNIC

PHILIPSBURG, St Maarten — Keep it secret. And make sure it’s safe.

Don’t use your real name, your birth date, or any single word. Instead, try a short phrase that includes some numerals and even some punctuation.

Devising secure passwords for your online accounts and your family’s Internet-connected devices is simple enough, if you follow a few easy guidelines like these. But most people just don’t.

And a major attack on a little-known company underscores how much of the security of the global Internet now depends on that unwitting majority of ordinary Internet users. On Oct. 21, a distributed denial of service, or DDoS attack, brought down a relatively obscure U.S.-based firm called Dyn. Those attacks are fairly common, and they use huge networks of malicious software called botnets to bring down a specific service.

What made the DDoS attack on Dyn more troubling was that it set a dangerous precedent. Dyn provides domain name system or DNS services, which support part of the critical infrastructure underlying the global Internet. By targeting companies that make up the backbone of the Internet, hackers can bring down all kinds of other services.

Also disturbing is the fact that the hackers used networks of common smart devices like watches, TVs and refrigerators, to cause the major disruption. Analysts have linked the attack to the Mirai malware, which uses the Internet of Things, or IoT, as botnets. The Mirai source code was released on hacking websites in October.

Analysts are also linking the Dyn attack to others that took place within a five-week span, each larger than the previous, and all using Mirai. On Sept. 20, a 660 Gbps attack was launched on the KrebsOnSecurity blog. A one Tbps attack was also launched on French hosting provider OVH on the same day.

“In the last two years, we’ve had multiple attacks, and the most recent attacks are using IoT devices,” said Mark Kosters, chief technology officer of the American Registry of Internet Numbers, the organization that provides number resource allocation and registration services for North America and parts of the Caribbean.