As you may have heard, last week a large portion of the internet suddenly went dark. Major websites like the New York Times, Twitter, Spotify, and Reddit were temporarily unavailable. The reason quickly became clear – a massive Distributed Denial of Service (DDOS) attack against Dyn, an internet services company.
This denial of service attack overwhelmed Dyn’s servers with bogus requests from infected computers so that legitimate users couldn’t access Dyn’s services. Servers, computers which store information online, can only handle a limited number of requests for data. Malicious actors sometimes attempt to block users from accessing the data by directing a large network of infected computers (a botnet) to make rapid requests for large amounts of data. These requests overwhelm the server and block legitimate users from accessing it.
There are several strategies companies can use to avoid denial of service attacks. They can block the offending bots from their services or attempt to separate human-made requests from automated ones. A common strategy is to block computers from particular geographic areas. Malicious actors have responded by spreading their botnets across the globe in distributed denial of service attacks. Generally speaking, the more computers participating in an attack and the more spread out those computers are, the more difficult it is to block. One is to block computers in
So what made this attack so special? Well, first off, it was enormous. The botnet included tens of millions of computers and requested 1.2 terabytes per second from Dyn, smashing the previous DDOS record of 600 gigabytes per second. Secondly, most of the bots weren’t strictly computers. Instead, web-enabled CCTV cameras and DVRs were the main attackers. The hackers had broken into these devices using default usernames and passwords and built a huge botnet out of them.
The unprecedented size of the attack overwhelmed even the relatively well-prepared Dyn and brought down many sites reliant on the company. It marked an unanticipated consequence of the growing Internet of Things – weakly protected web-enabled devices will allow hackers to build huge botnets. Security experts and internet businesses are still figuring out how to best respond to this new reality.