Friday morning on the east coast of the USA people started their day to access the Internet to read the news, tweet or post in forums like Reddit. But most people had trouble accessing sites like Spotify, New York Times, Reddit and many more. There was a DDoS attack that took down a big chunk of the Internet for most of the Eastern seaboard.
The attack was aimed at Dyn, an Internet infrastructure company headquartered on the east coast. There was one attack after another which kept on happening and took out websites primarily on the East Coast but later on the west coast as well. Late in the day, Dyn described the events as a “very sophisticated and complex attack.”
Dyn offers Domain Name System (DNS) services, essentially acting as an address book for the Internet. The DDoS attack overwhelms the DNS server and makes it impossible to complete its requests. That’s what makes attacking DNS so effective; rather than targeting individual sites, an attacker can take out the entire Internet for any end user whose DNS requests route through a given server.
Reports indicate that the attack was part of a genre of DDoS that infects Internet of Things devices (think webcams, DVRs, routers, Fridges etc.) all over the world with malware. Once infected, those Internet-connected devices become part of a botnet army, driving malicious traffic toward a given target.
The most affected area was the East Coast and partial West Coast. The rest of the world was not affected so much.
This attack has revealed how fragile & vulnerable the Internet is. Those websites that went down have huge budgets to keep them secure. And large teams working to keep the sites safe. Dyn has a huge team of engineers working around the clock to keep it secure and fixing problems. In spite of that the hackers managed to bring them down and keep them down for hours.