- February 28, 2009
During the past week, hackers have launched a series of attacks on Time Warner Cable's servers. Time Warner Cable is working with law enforcement agencies to resolve these crimes.
As a result of these attacks, you may have experienced a temporary "outage" when attempting to surf the Web, including an intermittent "page cannot be displayed" error message. The outages did not result in services being 100% unavailable; and were limited to sporadic timeouts which appeared to be random events. Some users may have experienced a total disconnect, however. These types of attacks are not uncommon, especially for a network as large as ours. We suspect that the attackers are using "zombie computers," or hijacking unsuspecting subscribers' machines to perpetrate the attack without its owner's knowledge.
All of us at TWC take these attacks extremely seriously. As previously mentioned, we are working with the appropriate law enforcement agencies that specialize in investigating these types of crimes. We will pursue prosecution of all perpetrators to the fullest extent of the law. We apologize for the inconvenience that these attacks may have caused and encourage you to report any suspicious activity. Instructions for reporting security abuse are located at http://help.rr.com.
Sincerely,
Time Warner Cable
More: Google News Search: Time Warner Attack
The persistent assault centers on impacting Time Warner’s domain naming system (DNS) services. Given that DNS supports domain name to Internet address resolution functions, e.g., when Internet surfing, an easy mitigation for customers is to use an alternative provider, such as OpenDNS. I've been using both Time Warner and OpenDNS in my home networking environment for years with great results. OpenDNS also helps protect users from visiting known harmful and other inappropriate Internet sites.
Much attention is put on specific, in-scope compliance issues within critical infrastructure organizations. The obvious twist is that even basic, persistent attacks increasingly are a factor in considering overall business risk to service and reputation. Additionally, cyber security problems that affect non-operational, business network settings, also increase the risk of "pivot attacks" creating more serious operational issues that regulators and senior management are acutely concerned with.
From a broader perspective, this issue saliently points out how even narrow, basic attacks can impact an organization and their customers. Critical infrastructure organizations risk even larger potential impacts steming from such issues- driving the need for ongoing cyber security improvements.
No comments:
Post a Comment