Posted on September 12, 2019 at 2:4 AM

Detailed network mapping and clear
lines of communication allowed Optus to avoid an emergency patching program and
quickly identify a suspected attack as a false positive.

It was the 2018 Commonwealth Games, and the opening ceremony was about to begin. About an hour prior to the event, the network provider for the competition, Optus, observed a sudden traffic surge and immediately thought that they were suffering a distributed denial of service (DDoS) attack.

A month prior to the opening ceremony held in Australia, a DDoS attack was performed, with traffic peaking at 1.7 terabytes per second.

Several Reasons to Fear a DDoS Attack

As it turns out, Optus had several reasons to fear a DDoS attack. A couple of months before the inauguration of the Commonwealth Games, a worm tore apart the systems of the organizing committee of the Winter Olympics in South Korea. Several files and documents were deleted.

There was a lot at stake for Optus, considering that in addition to being the network provider at the Commonwealth competition, it was one of the most prominent sponsors. According to Narelle Wakely, a security advisor at Trustwave, a firm associated with Optus, the brand name was going to be all over the games.

And, considering that they had similar resources, applications, and overall to that of the Winter Olympics, the team was on alert. That information was provided by Wakely to APNIC 48, the conference of the Asia Pacific Network Information Centre, in Chiang Mai, Thailand, earlier in the week.

Wakely also explained that tensions between
British and Russian governments were increasing, amid the alleged poisoning
episode of former spy Sergei Skripal in UK territory.

Another potential security aspect to watch out
for at the time was the fact that two traditional enemies, the United States
and North Korea, were talking about having meetings, potentially in Singapore,
which is the host country of Optus’ parent company. It was an added risk,
according to Wakely.

However, the network provider for the games wasn’t experiencing the traffic surges out on the network associated with clients. Instead, research showed that the alleged attack was what several fields call a “false positive.”

To the surprise of many, Wakely said that the unusual activity was caused by a very large update to video game giant Fortnite. She joked about the timing and said that, of course, it had to take place one hour before the inauguration of the Commonwealth Games and that all gamers went home at the same moment to turn on their gaming devices.

A Pioneer

Optus was a pioneer in many aspects, as it was
the network provider of the 2018 Commonwealth Games, the first event to have
one firm offer everything network-related, including TV broadcasts, video
streaming, online security, and results recording, among other things.

Wakely explained that everything needed to be
perfect and, especially, quick. She detailed how the company sent every bit of
information regarding results from the Gold Coast to Perth, a cross-country
journey to the center.

A very specific and detailed map of the
network was one of the most important resources for achieving that goal. The
map was very thorough from online security and operational standpoints.

Everything was done to ensure that everybody
involved in the process could visualize and start working on
“diagrams,” as she explained it. The approach helped the firm
identify the spots in which changes were taking place from a
standpoint, and the effects or results of those modifications.

Additionally, at the moment the Games’ network went live, networking company Cisco published a couple of critical vulnerabilities, and the rating associated with them was 9.8 on a 1 to scale.

Common sense dictates patching vulnerabilities like that as soon as possible, but Optus was at a crossroads. Wakely explained that they risked altering the network and its availability if they patched.

But the system they put in place, more specifically the blueprint on a page, allowed the company and its associates to work as a team and quickly spot, in real time, the changes taking place from an online security standpoint.

In the end, a decision was reached to apply the patch to three routers and not to the 133 switches.

Summary

Article Name

Alleged Commonwealth DDoS Was A Large Fortnite Update

Author


Ali Raza

Publisher Name


Koddos
