The internet of zombies

Jon Lawson

Jonathan Wilkins discusses the internet of zombies and advises on how companies can prepare for the outbreak

Since Dawn of the Dead was first released in 1978, the possibility of a viral outbreak that will turn us all into night crawling, flesh-eating zombies has become a worry for many and a very prolific Hollywood theme. While it's unlikely this will ever happen, industry has recently started facing an epidemic across IT systems that companies should be aware of. The internet of zombies won't result in the end of civilisation, but it does put your company's confidential information at risk.

The term internet of zombies, was coined by cyber security solutions provider, Radware in its Global Application and Network Security Report 2015-16. The concept refers to the rise of an advanced type of Distributed Denial of Service (DDoS) attack, named Advanced Persistent Denial of Service (APDoS). This type of attack uses short bursts of high volume attacks in random intervals, spanning a time frame of several weeks.

In 2015, more than 90% of companies surveyed by Radware experienced a cyber attack. Half of these were victims of an APDoS - up from 27% in 2014. The report by Radware suggested 60% of its customers were prepared for a traditional attack, but not an APDoS.

Typically, APDoS attacks display five key properties: advanced reconnaissance, tactical execution, explicit motivation, large computing capacity and simultaneous multi-layer attacks over extended periods. The attacks are more likely to be perpetrated by well-resourced and exceptionally skilled hackers that have access to substantial commercial grade computing equipment.

Hackers use virtual smoke screens to divert attention, leaving systems vulnerable to further attacks that are more damaging, such as extortion and theft of customer data.  While the financial services sector is most likely to be targeted, almost anyone can fall victim to the highly effective attacks.

This type of attack is becoming increasingly common in retail and healthcare, where data is considered to be up to 50% more valuable. As IT systems across different sectors become more automated, cyber security specialists are predicting these persistent attacks will happen even more frequently.

Businesses need to find new ways to fight the internet of zombies and can prepare for the outbreak by ensuring they're equipped to make decisions quickly at the first sign of a hack. Combining several layers of virtual protection with skilled professionals should be the first line of defence for information security.

Paying for additional capacity when developing a website can make the process costly; so many companies scale their system to match a predictable peak. However, in an APDoS attack, sites can experience ten or 20 times more traffic than their usual maximum so it makes sense to allow a healthy margin of error when developing a system.

Having a response plan in place will also improve the chances of restoring a system before any major damage is done. The plan should include preparing contact lists and procedures in advance, analysing the incident as it happens, performing the mitigation steps and undergoing a thorough investigation to record the lessons learned.

It's likely that zombie films will be as popular as ever in 2016, with another instalment of Resident Evil on the cards. Let's make sure that the internet of zombies doesn't rear its head as well by preparing ourselves for the outbreak of APDoS that's heading our way.

Jonathan Wilkins is marketing director of obsolete components supplier, EU Automation

Recent Issues