Brutal DDoS attack shutdown half of the Internet — here’s how

Everything you need to know about yesterday's cyber attack.


7 shares
Network Cables

After a brutal distributed denial of service attack (DDoS) that took place at large scale, shutting down half of the interent yesterday, Dyn blamed faulty and out-dated Internet of Things devices that served the purpose of attack.

Here is how hackers managed to breach into Dyn’s Managed DNS infrastructure:

A distributed denial of service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. The attackers use multiple machines spread across the globe to attack a central server. These server requests choke the network and hardly allow any legitimate request to get through. Thus, when a users tries to access the affected server, they’re met with a message that it is no more available. According to Digital Attack Map, more than 2000 daily DDoS Attacks are observed world-wide by Arbor Networks. These numbers are huge but majority of the attacks are carried out at small scale.

Yesterday’s attack was different than previous attacks. The reason why this attack was so massive relates to how it was carried out.

Instead of attacking individual servers at websites like Twitter, Amazon, Reddit, and GitHub, the attackers chosen to go after Dyn — a Domain Name System (DNS) provider that is responsible for converting human-readable websites addresses (like “lhe.io”) into their respective IP addresses.

According to DynDNS, the hackers used connected devices  like routers, smart hubs, thermostats, smart locks etc. to attack Dyn infrastructure, resulting in servers that couldn’t handle any more request from legitimate user due to massive number of requests at the same time. The devices that were supposed to work for the owners, went rogue ans started attacking the network.

Notwithstanding the DynDNS efforts to keep the servers up, it went down, along with every single website or service that uses its managed DNS service, blocking millions of users to access those websites and services.

Level3 Communications outrage map
Level3 Communications outrage map that shows the defective areas along the US East Coast. Courtesy: The Next Web

Following were the notable websites and services that fell into victim to yesterday’s deadliest cyber attack:

  • Business Insider
  • CNN
  • Etsy
  • Github
  • Guardian.co.uk
  • HBO Now
  • PayPal
  • People.com
  • Pinterest
  • Playstation Network
  • Recode
  • Reddit
  • Spotify
  • Starbucks rewards/gift cards
  • Storify.com
  • The Verge
  • Twitter
  • Weebly
  • Wired.com
  • Yelp
  • Zendesk.com
  • Netflix
  • Fox News
  • Disqus
  • Shopify
  • Soundcloud
  • Indeed.com
  • New York Times
  • Weather.com
  • WSJ.com
  • Time.com
  • xBox.com
  • BBC
  • Blue Host
  • Vox.com
  • Fortune
  • CNBC.com
  • FT.com

It is still not clear who is behind this giant attack and what was the real motive, but it has shaken the Internet in the US. The FBI and Homeland Security Department of the United States has started investigating the matter and in coming few days, we can expect to receive further update regarding the attack.

If you like this article, please help us by sharing this article on your social media profiles and by spreading good words about Lhe.io. You may also want to follow us on TwitterGoogle+Linkedin and Facebook.


Like it? Share with your friends!

7 shares
attacomsian

A passionate programmer, domainer, writer and photographer! Love writing about web development, latest trends in technology and domain name industry. Working hard to make the world a better place! Follow me at Twitter @attacomsian or visit my website www.attacomsian.com

0 Comments

Your email address will not be published. Required fields are marked *