Viruses are a major problem for IT departments, but a greater headache looms in the form of distributed denial of service attacks, according to the new head of the Centre for Critical Infrastructure Protection, Jay Garden.
Distributed denial of service (DDoS) attacks occur when multiple computers — rather than a single machine — are remotely manipulated to attack a target’s online connection, flooding it with data to close it down.
DDoS attacks are “somewhat unorganised” at present though they can still cause a lot of damage, says Garden, whose office is to be part of the government’s GCSB security intelligence arm. “When they’re coordinated it could be devastating.”
Denial of service attacks in Europe, either distributed or not, have shut down at least one ISP, possibly permanently, and forced online events to be discontinued. The heir to the Dutch throne was forced to abandon an online chat session after billions of hits were recorded on the website in only a few minutes. UK-based ISP Cloud Nine has closed down, selling its user base to a competitor after DoS attacks meant customers could not get access to either email or web servers.
Denial of service attacks and viruses, though, are only part of the picture as far as Garden and the CCIP are concerned. The unit has been established to look at threats to New Zealand’s electronic infrastructure and will include a 24x7 “watch and warn” contingent that will be working to help secure the nation’s critical IT.
“We’ll work with similar units around the world to better understand the threats and to hopefully avoid becoming targets ourselves,” says Garden, who is in the throes of hiring staff for the new unit in preparation for the operation launch date of April. CCIP will eventually have a staff of around eight.
Garden’s boss, director of information systems security at the GCSB Mike Spring, says the unit’s task is not to replace commercial security consultants or vendors but to help companies, in particular government and essential infrastructure, to understand the world they now operate in.