On Friday a massive DDoS attack aimed at Dyn, a DNS provider, crippled several large internet sites including Twitter, Netflix, Shopify (and all sites hosted under Shopify), Paypal, Reddit, SoundCloud, Spotify, and more. Affected sites are still being added to a long list of outages reported. The outage was first felt primarily in the morning on the East Coast, but by later in the day the attack had resumed and spread to include almost the entire United States and the world.
DDoS attacks are when a large stream of data is pointed at a target, effectively overwhelming it with traffic and knocking it offline. This is what happened to Dyn. Dyn is a DNS provider, meaning it is a service that translates domain names into the numerical IP addresses that are where the website data is located. Basically a DNS provider is like an internet phone book. If it goes down, the traffic doesn’t know where to go. Also, DNS data is sometimes cached, making this a confusing situation for everyone involved.
Thousands of businesses were affected by the fallout of this attack, losing customers, traffic, and advertising sales.
Dyn confirmed the outages and has been posting updates throughout the day. It is still unclear who is behind the attacks and what the reasons are, however many people are expressing surprise that this many websites were affected.
We recently reported on the fact that incredibly powerful DDoS attacks are now possible for even amateur hackers thanks to the Internet Of Things (internet connected devices and appliances) which are generally not very well secured and can be recruited into a botnet which then carries out these attacks. In simplified terms, someone could very well just harness the power of a couple thousand smart refrigerators and toasters, and level a few powerful websites.
This attack is similar to what brought down the popular whistleblower and hack reporting website Krebs On Security, which was the target of the most powerful DDoS attack ever seen. These types of DDoS attacks are now becoming more common as the Internet Of Things has made recruiting botnets that much easier.
These huge and advanced DDoS attacks are now being morphed into pseudo-ransom attacks, where hackers will notify a hosting provider of an impending DDoS attack unless the provider ponies up a certain amount of money – usually payable in the hard-nay-impossible to track Bitcoin.
According to Brian Krebs, Dyn often publishes detailed writeups of similar DDoS attacks that happen elsewhere. Krebs insinuated that he hopes this attack does not cause them to stop doing that. In one of his recent articles Krebs lamented the fact that these powerful DDoS attacks have the power to stop or dissuade individuals or companies to use free speech out of fear of more attacks. It’s actually kind of a scary thing. Should Dyn decide to stop publishing detailed writeups of future hacks, it will be a major loss to the free speech ideals of the internet and it will mean the bad guys have won.
It will be interesting going forward to see how the internet as a whole deals with the threat of DDoS attacks.