Sunday, March 1, 2009

Significant, targeted attacks even against ISPs?
-Absolutely! (just ask Time Warner)

One might think that larger financial institutions and other entities with directly exploitable financial or personal information remain the major nexus of criminal cyber problems. However, even consumer-grade ISPs are increasingly facing challenges. Time Warner's drawn-out efforts, now in the limelight, represent just the latest example of an organization scrambling to address service and reputation impacts from a disruptive cyber security attack.

  • February 28, 2009

    During the past week, hackers have launched a series of attacks on Time Warner Cable's servers. Time Warner Cable is working with law enforcement agencies to resolve these crimes.

    As a result of these attacks, you may have experienced a temporary "outage" when attempting to surf the Web, including an intermittent "page cannot be displayed" error message. The outages did not result in services being 100% unavailable; and were limited to sporadic timeouts which appeared to be random events. Some users may have experienced a total disconnect, however. These types of attacks are not uncommon, especially for a network as large as ours. We suspect that the attackers are using "zombie computers," or hijacking unsuspecting subscribers' machines to perpetrate the attack without its owner's knowledge.

    All of us at TWC take these attacks extremely seriously. As previously mentioned, we are working with the appropriate law enforcement agencies that specialize in investigating these types of crimes. We will pursue prosecution of all perpetrators to the fullest extent of the law. We apologize for the inconvenience that these attacks may have caused and encourage you to report any suspicious activity. Instructions for reporting security abuse are located at
    http://help.rr.com.

    Sincerely,
    Time Warner Cable


    More: Google News Search: Time Warner Attack

The persistent assault centers on disrupting Time Warner’s Domain Name System (DNS) services. Because DNS resolves domain names to Internet addresses (for example, when surfing the Web), an easy mitigation for customers is to use an alternative provider, such as OpenDNS. I've been using both Time Warner and OpenDNS in my home networking environment for years with great results. OpenDNS also helps protect users from visiting known harmful and other inappropriate Internet sites.
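As an added illustration of that client-side mitigation (not code from the original post or from Time Warner or OpenDNS), the Python sketch below probes an ordered resolver list and reports which resolver answers first and which ones failed before it. The address 192.0.2.53 is a documentation-range placeholder for the ISP-assigned resolver, the other two are OpenDNS's public resolver addresses, and all function names are hypothetical.

```python
import secrets
import socket
import struct

# Resolver list in preference order. 192.0.2.53 is a placeholder for the
# ISP-assigned resolver (assumption); the other two are OpenDNS resolvers.
RESOLVERS = ["192.0.2.53", "208.67.222.222", "208.67.220.220"]


def build_query(name, txid):
    """Encode a minimal DNS query for the A record of `name` (RFC 1035)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN


def reply_ok(reply, txid):
    """True if `reply` answers `txid` with RCODE 0 and at least one record."""
    if len(reply) < 12:
        return False
    rid, flags, _qdcount, ancount = struct.unpack(">HHHH", reply[:8])
    return rid == txid and bool(flags & 0x8000) and (flags & 0x000F) == 0 and ancount > 0


def udp_exchange(server, payload, timeout):
    """Send one UDP datagram to server:53 and return the reply bytes."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(payload, (server, 53))
        return s.recvfrom(512)[0]


def first_working_resolver(name, resolvers=RESOLVERS, exchange=udp_exchange, timeout=2.0):
    """Return (resolver, failures): the first resolver that answers, plus the
    resolvers that timed out or gave an unusable reply before it."""
    failures = []
    for server in resolvers:
        txid = secrets.randbelow(0x10000)  # unpredictable transaction ID
        try:
            if reply_ok(exchange(server, build_query(name, txid), timeout), txid):
                return server, failures
        except OSError:  # includes socket timeouts
            pass
        failures.append(server)
    return None, failures
```

A non-empty failures list for the ISP resolver during an outage window is also a useful data point to include when reporting the problem to the provider.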

Much attention is put on specific, in-scope compliance issues within critical infrastructure organizations. The obvious twist is that even basic, persistent attacks are increasingly a factor in considering overall business risk to service and reputation. Additionally, cyber security problems that affect non-operational business network settings also increase the risk of "pivot attacks" creating more serious operational issues that regulators and senior management are acutely concerned with.

From a broader perspective, this issue saliently points out how even narrow, basic attacks can impact an organization and its customers. Critical infrastructure organizations risk even larger potential impacts stemming from such issues, driving the need for ongoing cyber security improvements.
