Bots and Cyberattacks
Over the past three decades, more of our daily lives and business have migrated from paper and the physical world to electronic or online media. It seems that every day, more of what we would have normally done in the physical world, like banking and business in general, can now be done online — including managing your identity with IAMX. Without the internet, some things, like managing your own identity, would not be possible, and we had to rely on a government or state-level agency to issue physical personal identification documents.
Thirty years isn’t a long time in the grand scheme of things, and as our use and reliance on the internet grows, so do the efforts of malicious actors. We’ve been doing business in the physical world for thousands of years, and have developed robust practices to protect our assets and mitigate potential attack or theft. Over the past thirty years we’ve discovered that we are not entirely safe online. Cyberattacks, cyber warfare, and cyber terrorism are becoming more common, sophisticated, and dangerous. Malicious actors may employ bots and cyberattacks for a number of reasons, to attack a range of targets, including individuals, businesses, and even governments. Anyone can be the target of a cyberattack, as motives can range from theft of a digital asset, to general disruption of a digital service, or simply to deplete a target’s resources — financial, human, or otherwise.
What is a cyberattack?
A cyberattack is an attack on a digital computer or similar device, or a network or information system. The intent or goal of an attack might range from theft of digital assets or funds, damage to a computer system, or its infrastructure. As bots are tools that can be used by malicious actors, they’re often responsible for the execution of an attack. The most common types of cyberattacks are well known, such as viruses, phishing attempts, and malware or spyware, to name a few. Cyberattacks can scale in complexity and sophistication, to include Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks, and attacks employing armies of bots to manipulate or compromise a target.
DoS or DDoS attacks are used when an attacker wants to render a server or other network resource unavailable. Because servers or hosts are designed to respond to requests, whether it’s a website or another type of service, these attacks will quickly and repeatedly send a very large number of requests to a single host, causing it to be overwhelmed and unable to respond to legitimate requests.
Beyond some of the more common attacks described above, it is becoming increasingly common for attackers to use bot armies to manipulate social media and/or silence a target. Social media platforms, like Twitter, rely in part on its community of users to ensure their terms of use are being followed. Any user can report another for a number of reasons, and if enough users report the same (target) user for problematic or inappropriate activity, Twitter will automatically disable the target user’s account. An attacker, employing a bot army on Twitter, can easily silence a target, having every bot report the target user. Beyond this, attackers might also be interested in silencing multiple users to sway opinion or awareness about a business, political issue, or any topic that can be manipulated through social media engineering.
What does it mean for the target?
The impact of a cyberattack can be a minor inconvenience, at the least, or it can be devastating. One might visit a compromised website, and pick up a piece of malware that creates pop-up windows for advertisements of a service or product. This is a relatively minor inconvenience that can largely be handled by standard security or antivirus software. Consider instead, ransomware, programmed to lock or encrypt files on your computer, and you get a message indicating the only way to regain access is paying the ransom amount. Or perhaps you’re a startup and your competition doesn’t want you to succeed. Startup resources are often limited and a series of attacks could have serious and long-lasting impacts on its success.
It may come as no surprise, but IAMX has been under attack. To us, this means we’re doing it right and we’re becoming a serious threat to competitors, or perhaps to agencies that oppose the concept of self-sovereign identity and seek to retain control over the identity of individuals. While we’re taking these attacks very seriously, they ultimately affirm our efforts and increase our resolve. In a future article we’ll connect with IAMX CTO, Dennis Mittmann, to get his insight on these attacks, their nature, and perhaps their source.
Learn more about IAMX
IAMX is the first-ever SSI solution to financially incentivize and reward the consumer each time they use their identity online.
Website │ Twitter │ Telegram │ Discord │ Linkedin │ Youtube │ Reddit
