Skip Navigation
BlackBerry Blog

What I Would Do with a Billion Attacks a Day

FEATURE / 12.18.18 / Pete Herzog

If you think about, every single one of you reading this is really pretty damn lucky. Not because I finally wrote a new article, but because every one of you exists today because your ancestors all luckily survived every bug, bomb, and brutality long enough to have offspring ending at you. That’s some serious luck.

And a smarter person than me once said that life is not about surviving but about what you do with your life while you are surviving. Maybe it was Aristotle or maybe Sportacus, I don’t remember.

But then I recall seeing statistics somewhere that some organizations get more than a million attack attempts a day and some ISPs claim to see more than a billion! I started thinking, how long can our luck hold out? Can we survive this cyber onslaught?! If we were lucky enough to get this far, maybe it’s time to not look that gift luck in the mouth. We need to truly live that life!

This fits perfectly with my new efforts to get cybersecurity more aligned with business practices in the sense that “if you can’t beat them, join them.” Therefore, I started thinking that instead of fighting all these attacks, we should use them. Where business says, “take life’s lemons and make lemonade”, I say we take those attacks and find something productive and even profitable to do with them.

Making Lemonade out of (Juicy) Lemons

Now some of you are thinking, what? Well, you know how I told you how I turn every TSA pat-down into a much-needed hug by feigning dizziness? Or how I use neighborhood package thieves to haul my trash away by packaging it in Amazon boxes and leaving it on my porch during the day? Or how I got rid of the raccoons in my yard by putting up a sign that said “Free Kittens” until the neighborhood middle school kids cleaned out every last one? Well, we need to do something like that. We need to turn something terrible into something wonderful, maybe even profitable.

So, when I read about a million attacks, I think, wow, that’s a lot of effort wasted. Remember, we’re talking about attacks, not breaches or even “successful” attacks. Because that effort is apparently NOT wasted. Which makes me wonder what we can do with that kind of traffic.

It’s a shame that we can’t get real power off a packet (or actually, symbols, the analog wave of electricity or light that becomes the bit). Which really limits us from gaining anything truly physical. I mean imagine if we can light up our offices with all those electrons? Except it would require a true rebuilding of Internet hardware to get anything like that, or else you’d basically just be taking “power” off your gateway router. I suppose we could heat up our coffee with the heat “created” but…. ya know. I’m going to stop there on that thought because I hate writing so many “quotes” all the “time” on this.

The other issue is that if we wanted any kind of cryptocurrency mining or other work done, we’d need to use the attacker’s machines to do it. That means we’d have to serve them something back that will run, likely in their browser. So, unless we have a honeypot that provides these mathematical challenges, we’re not going to get much financial benefit out of these attacks. We need to be smarter.

Converting Hacks Into Haikus

The first clever thing I can think of is we transform the attacks into words or phrases. At a million a day, that gives us over a billion words in just three years! While it’s not exactly infinite monkeys writing Shakespeare, I’d bet port-scanning traffic could get us some Young Adult fiction, or at least a really great haiku.

If we’re smart we can set it up so different variables of the attacks including origin, destination, protocol, data, etc. could be different words or types of words. SQL injection attacks as variables for homonyms would make a huge variety of knock-knock jokes. Or, as they’re also known, unfunny jokes. The body from phishing mails could become the next great collection of international short stories, or based on the more recent attempts I’ve seen, erotic fiction.

The repetitive and limited nature of port scans tied to timely cybersecurity jargon would make some pretty convincing whitepapers. We just need to make sure blockchain and IoT are represented by ports 22 and 80 respectively.

But we don’t need to stick to words. We could have attack packets represent notes from various instruments. A trillion collected attacks can possibly contain the next great orchestral composition. A billion might get us the typical 14-minute jazz song. A million or so would certainly get us a few catchy refrains for pop songs. A few thousand linked to chumba-chumba sounds would make enough music to last a whole night at a rave. Even a few hundred representing nature sounds could pipe into our break rooms to make for relaxing, Zen spaces.

However, that all requires selling books or music generated to turn a profit. We need something more immediate. And it should be really easy.

Gaming sites could use the slightly random nature of scans to give life to non-player characters in MMORPGs. It could give a more human nature to them, letting different protocols and packet types represent quirks in their nature or decisions made from minute to minute.

Gambling sites could use their constant attacks to tweak the randomness in bets or games. Every shuffle of a card deck uses represents the ports attacked at that moment. It could even lead to a new generation of games like horse races which are actually representations of attempted exploits.

Cooking sites could mix and match ingredients based on brute force password-cracking attempts to invent wild new dishes. However, since it’s often the same attack types again and again, we need to make sure we don’t end up with something unrealistic, like pumpkin spice in everything.

Final Thoughts…

In case you’re wondering, “What the hell did I just read?!” let me remind you that we shouldn’t let all these billions of attacks go to waste. We should do something constructive with all that energy. We’re talking unlimited imagination in a finite scope with known variables. There’s just so much potential there to make the next great movie blockbuster.

But since this is a cybersecurity article, you’re expecting that I at least give some suggestions of how billions of unsuccessful attacks can lead to new security products or better defend our networks. And you’d be wrong. Unsuccessful attacks are just wasted attacker energy, but they’re also justification that we did something right in cybersecurity. 

Pete Herzog

About Pete Herzog

Guest Research Contributor at BlackBerry

Pete Herzog knows how to solve very complex security problems. He's the co-founder of the non-profit research organization, the Institute for Security and Open Methodologies (ISECOM). He co-created the OSSTMM, the international standard in security testing and analysis, and Hacker High School, a free cybersecurity curriculum for teens. He's an active security researcher, investigator, and threat analyst, specializing in artificial intelligence (AI), threat analysis, security awareness, and electronic investigation.