NSHE Security Advisory: Heightened DDoS Threat

Disconnect

DisconnectNSHE continues to see an increased volume of distributed denial-of-service (DDoS) attacks launched against our institutions and some of our K-12 partners.  With the recent release of the Mirai malware source code on the Internet, there has been significant growth in the use of compromised Internet of Things (IoT) devices to launch these types of attacks.  These devices may include home wireless routers, smart TV’s, surveillance cameras and DVR’s.   We have seen in the news that these compromised IOT devices have been used to create large-scale botnets to execute crippling DDoS attacks against a number of different customers.

The latest large-scale attack was launched against DYN.COM who offers hosting and Domain Name Services to a number of customers.  This attack resulted in a number of cloud services being unreachable including Workday and BlueJeans, services we are using at NSHE.

SCS is evaluating a number of solutions to protect against DDoS attacks launched against our customers that could impact other services our customers rely on.  Look for upcoming announcements related to this.

For additional information related to Mirai and the DDoS threat, see the US-CERT TA16-288A provided by the Department of Homeland Security.