Last week Belgium was hit with one of the largest DDOS attacks in history. It took down the Belgium government along with most of the rest of the country’s internet. Now, over a week later, the news has been strangely silent about it. The most likely culprit is the Chinese government.
Belgium is the home of the UN building and the attack occurred just before (about 15 minutes) an ex-prisoner of a Chinese work camp was going to speak. China is currently being accused of gross infringement of human rights towards Uighur Muslims to the point of being accused of a mass genocide.
While I don’t want to get into a political debate about what’s going on, I do think it is important for everyone involved in cybersecurity to take notice. This is a major line which has potentially been crossed and we need to talk about it, stand up and take notice. We need to make some major decisions as to the future of cyber security right now.
Decision 1 – How much does this affect me? Notice this question is not “does this affect me?” because it absolutely does. If a government such as China does not like your company for any reason, they can potentially just remove them. An attack of this scale is difficult to defend. You could be on the radar for your product, where you live, your ethnicity or just because you were randomly chosen.
Decision 2 – Should the government be involved? Does this constitute an act of war? What is the government’s role? There is a huge scale here starting with the government taking no action and letting companies and individuals defend themselves to the government taking over the security of a company when they are attacked. I’m against both extremes so we need to meet somewhere in the middle.
Decision 3 – How much effort should I put into finding out if I’m a target? This is the rabbit hole. Should you hire a person or company to just watch the radar to see if your company is showing up on international streams? How much time do you need to put into keeping an eye on the political climate? Do you go through all your employee’s social media accounts to find out if they are making you a target?
Decision 4 – Do you change your stance in the cybersecurity community? We are stronger if we stand together but what amount of effort do you need to put into that?
Decision 5 – Does this change the way I secure my environment? That’s the big one. Do you spend more money on technology? Does your company change its online profile? This is the biggest decision you’ll have to make, and it will be completely individualized by your environment.
These are some of the bigger questions, I’m sure you can think of more which are specific to your environment and what you’re working on. No matter what you decide, the community is going to change as a result of this. We can either change before the next attack comes or we can react to it.