On Friday morning, Dyn, a New-Hampshire based company came under a massive cyber-attack that brought down many mainstream websites such as Twitter and Spotify. Dyn provides domain name services to many of the big websites on the internet. It deals in monitoring and routing the internet traffic. The attack which the experts say was the distributed denial-of-service/DDoS attack came in three waves and ended in evening. It was aimed at Dyn’s infrastructure that keeps the internet connections run smoothly. While the attack did not have any impact on the websites themselves, it restricted or slowed down the access for the general users. Some other major websites which were effected by this attack include Airbnb, Etsy, Reddit, SoundCloud, Netflix and The New York Times.
DNS or Domain Name Systems is an important part of the underlying infrastructure of the world wide web. It allows the user friendly web addressed to be translated in numerical addresses that allow computers to understand each other. The internet could not operate without these DNS servers managed by the internet service providers. The attackers used tens of millions of I.P addresses to send a flood of traffic to Dyn’s servers. An attack like this disrupts the translating ability of the DNS and thus our browser fails to comprehend where it needs to land when we enter a specific website URL.
Dyn’s chief strategist, Kyle York had the following to say about the attack: “The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,”.“This was not your everyday DDoS attack,” Mr. York said. “The nature and source of the attack is still under investigation.” This attack has exploited a huge weakness in the online world. Hackers can now attack a website without even touching it. All they need to do is to attack the service providers which basically are the backbones of the websites.
Steve Grobman, the chief technology officer for Intel Security at Intel Corporation had the following to say about the attack: “In some ways, this event is positive in educating people that it’s possible for critical capabilities that we rely on for information exchange — entertainment, access to media — can become unavailable due to a cyber-attack, and that cyber-attack might not have to be directed toward the entity itself. “There’a lot we can learn. Really recognizing that anything in the critical path that can be attacked are things we need to look at as part of building a comprehensive defense.”