Last Friday, users of Dyn, Twitter, Etsy, GitHub, SoundCloud, Spotify, Heroku, PagerDuty, Shopify, Okta, Zendesk, and Business Insider in some areas of the United States and England reported that these websites were not loading. Amazon and Netflix were affected as well. The issue was resolved as early as 9:20 a.m. ET, but around 12:07 p.m. ET it started up again, which prompted IT experts to treat it as a cyber-attack. Around 4:16 p.m., according to CNBC news, a third wave of attacks began. By 6:20 p.m. the incident was mostly resolved, and most of the attacked websites were posting “back to normal” status updates.
The cyber-attacks seemed to concentrate first on DNS hosts, particularly Dyn, one of the biggest DNS companies in the world. Dyn said on Friday that it had suspected since that morning that it was suffering from a DDoS, or Distributed Denial of Service, attack. This basically meant that hackers were overwhelming Dyn with a bombardment of useless data and repeated requests, preventing useful data, such as IP addresses, from getting through. The purpose of such attacks is to overload the service in any way possible so that it either stops working or becomes unreachable. In this case there was no problem with any of the aforementioned websites themselves, but rather with the service that allows you to reach them, which got overloaded.
Who was responsible?
Unfortunately, or fortunately, no group or individual has taken credit for the DDoS attack yet, and no attacker has made contact with Dyn or any of the affected websites. Both the FBI (Federal Bureau of Investigation) and the Department of Homeland Security are now investigating and monitoring the situation in case another wave of attacks occurs. For now, the US intelligence agencies are unanimous that the attack does not seem to be state-sponsored or directed. The attacks, though, were well planned and executed, coming from tens of millions of IP addresses all at the same time, and logic dictates that this could not possibly be the work of just one person. The simultaneous attack even originated from internet-connected products such as “internet of things” appliances, DVRs, printers, and the like.
However, last week, WikiLeaks said that possible DDoS attacks could be launched as a sign of support for its founder, Julian Assange. Code to wage DDoS attacks by hacking internet of things devices was released on WikiLeaks last week as well. Some intelligence agencies like the NSA were warning that criminals could be behind the DDoS attacks in order to extort money from internet infrastructure companies. The NSA noted “high chatter” in the cybercrime underground discussing plans to attack server companies. Presently, some intelligence and IT experts are taking issue with the fact that the United States transferred oversight of DNS to an international non-profit group. They argue that no cyber-attacks could be launched when DNS oversight was still in the U.S.