East coast Internet service attack
resolved
So yesterday
was basically an East coast lock down as hackers blocked access of many popular
websites. JMK wasn’t there but was sniffing around, according to USA TODAY,
Eleven
hours after a massive online attack that blocked access to many
popular websites, the company under assault has finally restored
its service.
Dyn, a New
Hampshire-based company that monitors and routes Internet traffic, was the
victim of a massive attack that began at 7:10 a.m. ET Friday morning. The
issue kept some users on the East Coast from accessing Twitter,
Spotify, Netflix, Amazon, Tumblr, Reddit, PayPal and other sites.
At 6:17
p.m. ET, Dyn updated its website to say it had resolved the
large-scale distributed denial of service attack (DDoS) and service had
been restored.
DDoS
attacks flood servers with so many fake requests for information that they
cannot respond to real ones, often crashing under the barrage. It's unclear who
orchestrated the attack.
“It’s a
very smart attack. We start to mitigate, they react. It keeps on happening
every time. We’re learning though,” said Kyle York, Dyn’s chief strategy officer
said on a conference call with reporters Friday afternoon.
Troubling
to security experts was that the attackers relied
on Mirai, an easy-to-use program that allows even unskilled hackers
to take over online devices and use them to launch DDoS attacks. The software
uses malware from phishing emails to first infect a computer or home network,
then spreads to everything on it, taking over DVRs, cable set-top boxes,
routers and even Internet-connected cameras used by stores and businesses for
surveillance.
These
devices are in turn used to create a robot network, or botnet, to send the
millions of messages that knocks the out victims' computer systems.
The source
code for Mirai was released on the so-called dark
web, sites that operate as a sort of online underground
for hackers, at the beginning of the month. The release led some
security experts to suggest it would soon be widely used by hackers. That
appears to have happened in this case.
Dyn is
getting “tens of millions” of messages from around the globe sent by seemingly
harmless but Internet-connected devices.
“It could
be your DVR, it could be a CCTV camera, a thermostat. I even saw an
Internet-connected toaster on Kickstarter yesterday," said
York.
The
complexity and breadth of the multiple attack points makes it difficult to
fight, because it's hard to distinguish legitimate traffic from botnet traffic.
York said
one bright spot for the company had been the tremendous outpouring of aid from
its customers, competitors and law enforcement. “You guys wouldn’t believe the
amount of support we’ve received,” he told reporters.
Effects felt nationwide
Dyn first posted on
its website at 7:10 a.m. ET that it "began
monitoring and mitigating a DDoS attack against our Dyn Managed DNS
infrastructure."
These
resolved towards 9:30 a.m.. Then more waves began. "It's been a hectic
day," said York.
The attack
comes at a time of heightened public sensitivity and concern that the
nation's institutions and infrastructure could face large-scale hacking
attacks. The most recent example has been the release of emails stolen
from the servers of the Democratic National Committee, which U.S.
intelligence sources say was the work of Russia. The topic has come up
frequently during the fall's hard-fought presidential campaign.
White
House Press Secretary Josh Earnest said the Department of Homeland Security was
“monitoring the situation" but that “at this point I don’t have any
information about who may be responsible for this malicious activity.”
So far Dyn
has not been able to ascertain whether the attack is aimed at any specific
customer. “We have no reason to believe it is at this point,” said Dave Allen,
the company’s general counsel.
The attack
is “consistent with record-setting sized cyber attacks seen in the last few
weeks,” said Carl Herberger, vice president of security at security company
Radware.
Disruption
A post
on Hacker News first
identified the attack and named the sites that were affected. Several sites,
including Spotify and GitHub, took to Twitter Friday morning to post status
updates once the social network was back online.
JMK
SOURCE: USA
TODAY
No comments:
Post a Comment