Last Week’s Outage Just the Beginning
Late on Friday, October 21, hackers attacked prominent web infrastructure company Dynamic Network Services Inc., known as Dyn, knocking out its big-name clients along the way.
Services like Twitter, PayPal, and Spotify were all affected, as were news organizations and web sites such as CNN and The Guardian. Many of the cyberattacks came via “Internet of Things” devices, such as baby monitors, DVRs, and printers. Digital recording devices were also weak points in security. (Source: “A massive attack took out a swath of the internet, affecting Twitter, Spotify, Github, and more,” Quartz, October 21, 2016.)
Advertisement
A vicious botnet called “Mirai” was responsible for the hack. It first breached Dyn’s servers on the East Coast of the United States, before moving through 18 different data centers that Dyn has stationed across the world. The company said it was a distributed denial of service (DDoS) attack.
“The complexity of the attacks is what’s making it very challenging for us,” said Dyn’s chief strategy officer, Kyle York. He added that the hackers were “hitting our network from tens of millions of IP addresses around the world.”
The attacks centered around the Internet’s domain name system, or DNS, which is what Dyn provides services for. Think of it as a switchboard for the Internet—Dyn designs services for Twitter, Github, and others that help them navigate the Internet.
Coincidentally, the DNS was recently transferred out of U.S. control. It has been regulated by the U.S. government for its entire history, but earlier this month authority was passed to the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit corporation without an allegiance to any one state.
Some critics have argued that the change of oversight left vulnerabilities that hackers were able to exploit, but other analysts say it was an inevitability. They say the scale of attacks has been rising since before the transfer of authority to ICANN, which means it could become a part of everyday life.
For instance, the amount of Internet traffic affected by a single cyberattack hit a record high in September, prompting the victimized company to announce that these hacks will become the “new norm.”
