Amazon traffic hijacked, cryptocurrency cyber-heist, and the Path to prevention
Internet security has always been paramount for financial providers. Managing compliance regulations and associated risks, among a myriad of other factors, has been a costly and time-consuming exercise at the top of the priority list for any business.
With the boom of blockchain and crypto-based startups, the risks have been amplified and have grown exponentially with the rise of cryptocurrency. Often, companies entering this market do not have the maturity, experience, size, or talent pool that Big 4 Banks and Big 4 Consultancies have, and hackers know this. The worst part? They are capitalizing on it.
The attacks that Path Network Chief Technology Officer Marshal Webb warned about during his keynote speech at the Blockchain Technology & Application Summit, Beijing 2018, earlier this year (March 2018) have happened.
On April 24, 2018, between the hours of 11:00 AM and 2:00 PM UTC, Amazon Web Services Route 53 DNS traffic was compromised. Amazon lost control of a number of its cloud services IP addresses for 2 hours that morning; almost 1,300 addresses for Amazon DNS provider Route 53 could be rerouted wherever the malicious attacker saw fit, by exploiting a vulnerability in the Internet protocol itself. The attack vector is known as a “BGP Hijack”, which essentially means that chunks of Internet traffic can be rerouted to a rogue target location, often a server controlled by a hacker. This sophisticated attack allowed hackers to seize a reported $150,000.00 USD worth of Ethereum, a popular cryptocurrency. Specifically, the seizure occurred by rerouting traffic destined for MyEtherWallet, a popular online Ethereum wallet service provider, to services controlled by malicious actors who had hosted a website identical to the MyEtherWallet website. This tactic is otherwise known as a “phishing campaign.”
Path Network is trying to deliver a globally distributed security and intelligence platform. Founded by the same people behind BackConnect, a Layer 7 DDoS mitigation and managed security services provider, the Path team identified various unsolved problems during previous encounters with Carriers and Internet Service Providers. After internally developing a solution to remedy many of these unsolved problems, the solution was recognized as a commercially viable use-case for the implementation of blockchain technology.
At a time when individuals and companies of all types are realizing the potential of blockchain technology, Path aims to tie the two together by allowing individual users of its platform to effectively rent out their excess bandwidth and be rewarded for its use. Individuals gain a passive income, whilst businesses gain deeper insights into website speed, application performance, and security. It sounds nearly too good to be true, but extensive experience on the part of the Path Network team and the emergence of blockchain technology allow all of this to come to fruition.
In this increasingly connected world economy, software is driving innovation and enables businesses to have a digital footprint. Within this digital space, a few seconds of downtime can translate into lost sales conversions, reputational damage, and the essential forfeiture of prospective users.
Due to the nature of Path’s platform architecture, they will be able to provide unparalleled insight, intelligence, analytics, and monitoring into things such as: BGP Hijacks, DNS Poisoning, BGP Route visualization, Net Neutrality, Censorship, DDoS Attack Reporting, CDN performance, Uptime/Page speed monitoring, Ad Fraud detection, and many others. All this in a manner not quite possible before, simply due to architectural limitations and implementations of previous solutions.
Since Path uses a distributed Blockchain mining node network to power its analytics and monitoring metrics, it is truly capable of providing unrivaled telemetry. Path’s robust telemetry puts them in the unique position to build customized reports for very specific use cases.
Path Network, or at least the team behind it, has a long history with internet security and cyber-crime.
Chief Executive Officer, E.J. Hilbert has a track record as an FBI superstar. With 15 years of experience as a Special Agent, he is responsible for some of the world’s largest takedowns of international cybercrime and fraud syndicates, as noted by wired.com among many other sources. E.J. Hilbert is responsible for PCI-DSS as we know it today, and is widely regarded as an expert in compliance, risk and fraud.
Chief Technology Officer, Marshal Webb is the founder of the project and is also the founder of BackConnect, a Layer 7 DDoS mitigation provider rivaling Akamai. BackConnect also assisted in providing human intelligence that led to the takedown of the Mirai botnet, and provided DDoS protection as a pro-bono service for the Free Software Foundation.
Director of Technology, Matthew Flannery comes from a background in Network Security, Cloud, Information Security, and DevOps with recent employment at Deloitte. At a glance he is a hardcore technology specialist. This is evident in his publicly available talks on various subjects from past security conferences. Interestingly enough, Mr. Flannery is someone who has strived to reform due to his past as a convicted computer hacker who was allegedly the group leader of notorious cybercrime organisation “LulzSec.”
Now, ask yourself: who better to trust with network security? This group of highly experienced individuals and their very capable teams are working together to make the internet a safer and more reliable place for everyone.
Turning to the technical details of the previously mentioned AWS incident: roughly 1300 IP addresses were hijacked, as reported by https://twitter.com/InternetIntel, an Oracle-owned intel feed. An Ohio-based ISP, eNet (AS 10297), advertised fraudulent routes. Once these were in place, they caused service provider HE (Hurricane Electric), possibly other HE customers, and BGP peers of AS 10297 to start directing traffic upstream to these new routes, which have since been identified as fraudulent and malicious.
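The kind of check that flags such an event can be sketched as follows. This is an added example, not Path's or Amazon's code: it validates each announcement's origin AS against a table of authorized origins, modelled on RPKI route origin validation (RFC 6811). The prefixes, AS 64500, AS 64496 and AS 64501 are constructed placeholders; only AS 10297 comes from the article.

```python
import ipaddress

# Constructed authorization table (ROA-like): (prefix, authorized origin AS, max length).
# 198.18.0.0/15 is benchmarking space and AS 64500 a documentation ASN (placeholders).
ROAS = [(ipaddress.ip_network(p), asn, maxlen) for p, asn, maxlen in [
    ("198.18.0.0/23", 64500, 23),
    ("198.18.2.0/23", 64500, 23),
    ("198.18.4.0/23", 64500, 23),
]]

# Constructed BGP updates: (prefix, AS path). The origin is the last AS in the path.
# AS 10297 is the origin named in the article; AS 64496 is a placeholder upstream.
UPDATES = [
    ("198.18.0.0/23", [64496, 64500]),    # legitimate covering route
    ("198.18.0.0/24", [64496, 10297]),    # more-specifics from the wrong origin;
    ("198.18.1.0/24", [64496, 10297]),    # longest-prefix match makes routers
    ("198.18.2.0/24", [64496, 10297]),    # prefer these over the /23s
    ("198.18.3.0/24", [64496, 10297]),
    ("198.18.4.0/24", [64496, 10297]),
    ("203.0.113.0/24", [64496, 64501]),   # unrelated prefix, no authorization data
]

def validate(prefix, origin_as, roas=ROAS):
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    net = ipaddress.ip_network(prefix)
    covering = [(n, a, m) for n, a, m in roas
                if n.version == net.version and net.subnet_of(n)]
    if not covering:
        return "not-found"
    for _, asn, maxlen in covering:
        if asn == origin_as and net.prefixlen <= maxlen:
            return "valid"
    return "invalid"

def scan(updates):
    """Return (alerts, affected address count) for announcements that fail validation."""
    alerts = [(p, path[-1]) for p, path in updates
              if validate(p, path[-1]) == "invalid"]
    affected = sum(ipaddress.ip_network(p).num_addresses for p, _ in alerts)
    return alerts, affected

if __name__ == "__main__":
    alerts, affected = scan(UPDATES)
    for prefix, origin in alerts:
        print(f"ALERT {prefix} originated by AS{origin}")
    print(f"{affected} addresses covered by invalid announcements")
```

Five constructed /24 announcements cover 1,280 addresses, the same order of magnitude as the "roughly 1300" reported. The max-length field matters: a /24 announced by the authorized AS is also flagged, because the table only authorizes /23s.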
It’s because of attacks like this that we need the granular analytical capabilities that Path will be able to provide. The complexity of attacks and the cyber criminal groups that plan them continue to grow and improve, and until Path’s innovations, analytics and intelligence had seemingly been left in the dust behind these advances in cybercrime. With these new analytics and monitoring capabilities, hopefully Path will be able to help shed light on the darkest corners of the Internet.