MercoPress, en Español

Montevideo, November 22nd 2024 - 11:42 UTC

 

 

Hackers' coordinated 'attacks' leave major websites inaccessible in the US

Sunday, October 23rd 2016 - 06:31 UTC
Full article 14 comments
Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m. Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m.
Users reported sporadic problems reaching several websites, including Twitter, Netfix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times. Users reported sporadic problems reaching several websites, including Twitter, Netfix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.
A spokeswoman said FBI and the Department of Homeland Security were looking into all potential causes, including criminal activity and a nation-state attack. A spokeswoman said FBI and the Department of Homeland Security were looking into all potential causes, including criminal activity and a nation-state attack.
Kyle York, Dyn’s chief strategist, said his company and others that host the core parts of internet’s infrastructure were targets for a number of powerful attacks. Kyle York, Dyn’s chief strategist, said his company and others that host the core parts of internet’s infrastructure were targets for a number of powerful attacks.
Dyn said it had fended off the assault by 9:30 a.m. But by 11:52 a.m., Dyn said it was again under attack. And again at 5 p.m. it was again facing a flood of traffic. Dyn said it had fended off the assault by 9:30 a.m. But by 11:52 a.m., Dyn said it was again under attack. And again at 5 p.m. it was again facing a flood of traffic.

Major websites were inaccessible to people across wide swaths of the United States on Friday after a company that manages crucial parts of the internet’s infrastructure said it was under attack. Users reported sporadic problems reaching several websites, including Twitter, Netfix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.

 The company, Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m. Reports that many sites were inaccessible started on the United States East Coast, but spread westward in three waves as the day wore on and into the evening.

And in a troubling development, the attack appears to have relied on hundreds of thousands of internet-connected devices like cameras, baby monitors and home routers that have been infected — without their owners’ knowledge — with software that allows hackers to command them to flood a target with overwhelming traffic.

A spokeswoman said the Federal Bureau of Investigation and the Department of Homeland Security were looking into the incident and all potential causes, including criminal activity and a nation-state attack.

Kyle York, Dyn’s chief strategist, said his company and others that host the core parts of the internet’s infrastructure were targets for a growing number of more powerful attacks.

“The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,” Mr. York said.

Security researchers have long warned that the increasing number of devices being hooked up to the internet, the so-called Internet of Things, would present an enormous security issue. And the assault on Friday, security researchers say, is only a glimpse of how those devices can be used for online attacks.

Dyn, based in Manchester, N.H., said it had fended off the assault by 9:30 a.m. But by 11:52 a.m., Dyn said it was again under attack. After fending off the second wave of attacks, Dyn said at 5 p.m. that it was again facing a flood of traffic.

The distributed denial-of-service attack, or DDoS, occurs when hackers flood the servers that run a target’s site with internet traffic until it stumbles or collapses under the load. Such attacks are common, but there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers.

Going after companies like Dyn can cause far more damage than aiming at a single website.

Dyn is one of many outfits that host the Domain Name System, or DNS, which functions as a switchboard for the internet. The DNS translates user-friendly web addresses like fbi.gov into numerical addresses that allow computers to speak to one another. Without the DNS servers operated by internet service providers, the internet could not operate.

In this case, the attack was aimed at the Dyn infrastructure that supports internet connections. While the attack did not affect the websites themselves, it blocked or slowed users trying to gain access to those sites. Mr. York, the Dyn strategist, said in an interview during a lull in the attacks that the assaults on its servers were complex.

“This was not your everyday DDoS attack,” Mr. York said. “The nature and source of the attack is still under investigation.”

Later in the day, Dave Allen, the general counsel at Dyn, said tens of millions of internet addresses, or so-called I.P. addresses, were being used to send a fire hose of internet traffic at the company’s servers. He confirmed that a large portion of that traffic was coming from internet-connected devices that had been co-opted by type of malware, called Mirai.

Dale Drew, chief security officer at Level 3, an internet service provider, found evidence that roughly 10 percent of all devices co-opted by Mirai were being used to attack Dyn’s servers. Just one week ago, Level 3 found that 493,000 devices had been infected with Mirai malware, nearly double the number infected last month.

Mr. Allen added that Dyn was collaborating with law enforcement and other internet service providers to deal with the attacks.

In a recent report, Verisign, a registrar for many internet sites that has a unique perspective into this type of attack activity, reported a 75 percent increase in such attacks from April through June of this year, compared with the same period last year.

The attacks were not only more frequent, they were bigger and more sophisticated. The typical attack more than doubled in size. What is more, the attackers were simultaneously using different methods to attack the company’s servers, making them harder to stop.

The most frequent targets were businesses that provide internet infrastructure services like Dyn.

“DNS has often been neglected in terms of its security and availability,” Richard Meeus, vice president for technology at Nsfocus, a network security firm, wrote in an email. “It is treated as if it will always be there in the same way that water comes out of the tap.”

 

Top Comments

Disclaimer & comment rules
  • Pugol-H

    We have entered the age of Cyber wars.

    Replete with states attacking states and independent “ideological groups” attacking anyone they fancy.

    How long before a “Cyber Attack” is considered an act of war.

    Oct 23rd, 2016 - 06:13 pm +3
  • DemonTree

    @ Heisenbergcontext
    Arguably the devices used to carry out the attack - the baby monitors etc - were hacked in order to use them for the DDoS.

    @ Kanye
    Or North Korea. Carrying out a cyber attack does not require a large budget or many people and they are also easily deniable, so they must appeal to smaller, weaker states.

    Oct 23rd, 2016 - 06:45 pm +3
  • Briton

    Twitter, Netfix, and The New York Times.
    these I've heard of,

    but these
    Spotify, Airbnb, Reddit, Etsy, SoundCloud
    not, am I missing out on these, lol

    truthfully guys I was under the impression that it was the Chinese,
    And the USA and Britain has now given more money to counter act these attacks.

    Oct 23rd, 2016 - 07:54 pm +3
Read all comments

Commenting for this story is now closed.
If you have a Facebook account, become a fan and comment on our Facebook Page!