Evernote: next in line or happy escape

By Maksym Schipka, SVP Engineering.

One of the big cyber-security stories this week was about Evernote and Feedly being struck by distributed denial of service (DDoS) attacks.

Denial of service attacks in the modern world can be very effective against smaller targets, but when aimed at larger targets they are generally perceived as weapons of desperate, helpless criminals. Usually, the criminals are after a particular target, looking for direct financial gain - stealing credit card numbers, online game accounts or basically any credentials at all - after all, there is a Shadow Economy out there where anything is up for sale and everything has a price. DDoS attacks can only yield indirect financial benefit by, for example, restricting access to competitor services or to an eShop, thus sending the potential buyers elsewhere.

However, some password dictionary and brute-force attacks can be seen as DDoS. Dictionary attacks are nothing more than trying password after password in an attempt to get into a user account - or a multitude of them. If carried out in an unthrottled manner, they can have the same short-term consequences as DDoS: unavailability of the website or service under attack. The long-term consequences are potential data breaches; but to be clear, at present, there is no public evidence of what kind of attack Evernote is experiencing.

Evernote clearly knows a thing or two about running distributed fault-tolerant and highly available infrastructures. It delivers an incredible productivity tool that in its very basic modus operandi enables all of your notes to be seamlessly shared between all of your devices. It has multiple additional free services that make this tool a lot more than just a note-taking service. The question is, what do the notes contain? Are they ‘to do’ lists? Or, due diligence on M&A activity? Salaries? Contract details? You can see where I am going here…

So the questions to be asking are:

  • Is this DDoS an unhappy desperate criminal expressing their mood, or a not very professional attempt to break into user accounts?
  • How many people in your organization use Evernote?
  • What is shared there? What is the potential impact of criminals getting access to Evernote notes?
  • What are you doing as an organization about tracking the critical information your employees might be putting into Evernote?
  • Should you be doing something about the Insider Threat?

