Many years ago, I had a friend who’s father was a marine biologist, spending his career doing research in Canada’s frozen north. At dinner one night, Ian (the father) told a story about how he and a couple other researchers set up base camp on a large ice flow in the north. They drilled a hole in the ice and dropped a listening device down into the freezing water – listening to the marine life living in the area. As they were sitting there listening and recording the sounds, a submarine passed under them – right under their listening device. He said it freaked them out! The ice was too thick for any sub to break through and surface, but it was strange having the sub from an unknown country pass directly under them—for an unknown purpose.
That feeling is mirrored for me in our world when hackers surface from the dark waters of the internet. Our servers host our software applications for our customers, and they’re directly connected to the internet. When I’m logged into one of our servers for one reason or another, I’ll take a moment to watch the log files roll in live. I often see live attacks happening on the server. Some nefarious entity out there is trying to break into our application by guessing a user’s password—or by testing the boundaries of our software development skills. They look for things like buffer overflow conditions or the now famous heartbleed issue.
I’m fascinated when this happens, and I’ll take a few minutes and watch the attack and how it unfolds. I’ve seen both sophisticated and unsophisticated attacks, lasting several hours or several minutes.
Every time this happens, I know EXACTLY how my friend’s father felt when the sub passed his listening device.
The software applications you have exposed to the internet – have they been developed with these threats in mind?
Does your dev team understand the depth of the threats?