Cyber attacks of 2016 unnerved many when Twitter, Netflix, Amazon, Tumblr, Reddit, Pinterest, and hundreds of other popular websites went offline Friday morning, October 21. Hackers had their sights set on Dyn, an internet infrastructure company that provides critical technology services to some of the internet’s top destinations.
The hackers unleashed a global distributed denial of service (DDoS) attack on Dyn’s servers, specifically on its managed DNS infrastructure. According to Gizmodo, it’s safe to assume that the two situations are related. The cyber attack brought down websites and apps across the internet. Many internet users on the East Coast experienced several hours of interruption during the cyber attack.
Dyn was able to stabilize the cyber attack, but within a few hours, a second DDoS attack began in the early afternoon, again disrupting internet services across the web. According to Dyn DNS, the cyber attack started at 11:10 UTC, and it targeted its managed DNS service. A senior government official told CNN how the cyber attacks had affected the internet.
“… Mainly have resulted only in the slowing down of internet access to various websites on the East Coast.”
The website states in more detail.
“Due to the major Denial-of-Service attack directed at Dyn DNS we are temporarily pausing our alerting service. The [cyber] attack has caused major issues on the internet and many services are down as we’re writing this. We have made this decision because we have found that the alerts we currently send are unreliable and essentially useless. We continue to monitor the situation and will update this incident at least once every 30 minutes, and of course as soon as we feel it’s reliable to turn Pingdom alerts on again.”
Update 4:22 p.m. Eastern: It appeared to be getting worse. Dyn says they are now being hit with a third wave of attacks. Dyn told CNBC the attack is “well planned and executed, coming from tens of millions of IP addresses at the same time.”
Update 12:28 p.m. Eastern: Dyn says it is investigating yet another attack which caused the same massive outages experienced this morning. According to Gizmodo, the new wave of attacks seems to be affecting the West Coast of the United States and Europe.
How can so many sites go down at once? To understand how one DDoS cyber attack could take out so many websites, you have to understand how the Domain Name System (DNS) works. Domain name servers act as the internet’s phone book: they handle your request to go to a certain webpage and make sure you are taken to the right place. Lily Hay Newman explains in Wired why DDoS cyber attacks against DNS services are effective in bringing down hundreds of websites.
“An attacker can take out the entire Internet for any end user whose DNS requests route through a given server.”
A number of cyber attack maps have been shared online. Here is a video from this morning showing attacks online via Norse Map.
Norse Map can be a little misleading since it shows attacks on honeypots that are set up specifically to draw in attacks. It doesn’t show actual and legitimate DDoS attacks. The map from Digital Attack Map is also being shown. However, this map is from October 20, not today.
If the DNS provider that handles requests for Twitter is down, you will have an incredibly difficult time getting to Twitter. Some websites are coming back for users, but it doesn’t look like the problem is fully resolved.
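To make the dependency described above concrete, here is an added example (not from the original article or from Dyn) that audits a set of DNS delegations for reliance on a single managed DNS provider and reports which zones stop resolving if one provider fails. The zone and name server names are constructed placeholders, and treating the last two labels of a name server hostname as its provider is a simplifying assumption.

```python
from collections import defaultdict

# Constructed sample delegations (zone -> NS hostnames). Every name is a
# placeholder under the reserved .example TLD, not a real delegation.
DELEGATIONS = {
    "shop.example": ["ns1.dns-a.example", "ns2.dns-a.example",
                     "ns3.dns-a.example", "ns4.dns-a.example"],
    "news.example": ["ns1.dns-a.example", "ns2.dns-a.example"],
    "bank.example": ["ns1.dns-a.example", "ns1.dns-b.example",
                     "ns2.dns-b.example"],
    "blog.example": ["ns1.dns-c.example", "ns2.dns-c.example"],
}

def provider_of(ns_host):
    """Assumption: the provider is the last two labels of the NS hostname."""
    labels = ns_host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])

def single_provider_zones(delegations):
    """Zones whose name servers all sit with one provider, however many
    name servers that provider lists for them."""
    return sorted(zone for zone, hosts in delegations.items()
                  if len({provider_of(ns) for ns in hosts}) == 1)

def unresolvable_during_outage(delegations, down_provider):
    """Zones left with no reachable name server when down_provider fails.
    Answers still held in resolver caches are not modelled here."""
    return sorted(zone for zone, hosts in delegations.items()
                  if all(provider_of(ns) == down_provider for ns in hosts))

def blast_radius(delegations):
    """Map each provider to the zones that go dark if it alone fails."""
    providers = {provider_of(ns) for hosts in delegations.values() for ns in hosts}
    result = defaultdict(list)
    for provider in sorted(providers):
        result[provider] = unresolvable_during_outage(delegations, provider)
    return dict(result)

if __name__ == "__main__":
    print("single-provider zones:", single_provider_zones(DELEGATIONS))
    for provider, zones in blast_radius(DELEGATIONS).items():
        print(f"{provider} down -> unresolvable: {zones}")
```

In the sample data, the zone with four name servers at one provider fails together with that provider, while the zone that splits its delegation across two providers stays resolvable.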
Pingdom also provides cyber attack locations and outages around the world.
At around 3 p.m. Eastern, Pingdom had to temporarily discontinue their alerting service due to the DDoS cyber attack.
Major DDoS directed at Dyn DNS we are temporarily pausing our alerting service. Details and updates: https://t.co/v3NXz2O3bD — Pingdom (@pingdom) October 21, 2016
Dyn posted this update on its website.
“Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.”
Here’s a list of websites many have had trouble accessing due to the crippling cyber attacks.
- Big Cartel
- Business Insider
- HBO Now
- Iheart.com (iHeartRadio)
- PlayStation Network
- Squarespace Customer Sites
- Starbucks rewards/gift cards
- The Verge
- Wix Customer Sites
- Zoho CRM
- Credit Karma
- Fox News
- Constant Contact
- New York Times
- Elder Scrolls Online
- Eve Online
- Speed Test
- Blue Host
- Survey Monkey
- Paragon Game
The WikiLeaks Twitter account made it known that Assange is still alive and the WikiLeaks website is still publishing posts.
Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point. pic.twitter.com/XVch196xyL — WikiLeaks (@wikileaks) October 21, 2016
Gizmodo readers report unresolved issues with cyber attacks.
Update 9:05 a.m. Eastern: Not so fast… Judging by emails from Gizmodo readers, this problem seems to be getting worse.
Update 9:43 a.m. Eastern: Dyn says the issue has been resolved.
Update 12:19 p.m. Eastern: Dyn says the issue is resolved, but multiple readers are messaging me to say they’re still having trouble accessing websites.
Update 12:25 p.m. Eastern: Issue not yet resolved. The cyber attacks seem to be on the eastern part of the U.S.
Update 5:17 p.m. Eastern: Dyn reports incident has been resolved.
At the moment, it is uncertain who perpetrated the attacks against Dyn or why. Both U.S. Homeland Security and the Federal Bureau of Investigation are looking into the situation, but they don’t name any suspects or otherwise indicate who is being investigated, Reuters reports.
Security technologist Bruce Schneier wrote about the cyber attacks in a blog post. Who would do something like this?
“Who would do this? It doesn’t seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It’s not normal for companies to do that. Furthermore, the size and scale of these probes — and especially their persistence — points to state actors. It feels like a nation’s military cyber command trying to calibrate its weaponry in the case of cyberwar. It reminds me of the U.S.’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.”
Our advanced service monitoring issue is currently resolved. We are still investigating and mitigating the attacks on our infrastructure. — Dyn (@Dyn) October 21, 2016
What can be done about future cyber attacks?
“These [DDoS attacks] take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down…What can we do about this? Nothing, really. We don’t know where the attacks come from. The data I see suggests China, an assessment shared by the people I spoke with. On the other hand, it’s possible to disguise the country of origin for these sorts of attacks. The NSA, which has more surveillance in the Internet backbone than everyone else combined, probably has a better idea, but unless the U.S. decides to make an international incident over this, we won’t see any attribution.”
How were you affected by the cyber attacks Friday morning? What websites were offline for you? Sound off in the comment section below.