Can’t log onto Twitter, Spotify or other major internet sites today (Friday, October 21, 2017)? There is a reason for that! These sites and many more were unreachable because of a distributed denial of service (DDoS) attack on Dyn, a major DNS provider. Details of how the attack happened are vague, but one thing is brutalty clear…the internet is tenuous in the face of increasingly sophisticated hacks.
Why now? By whom? The Russians, the Chinese, another nation state? Is it tied to the election? There is a lot of speculation…one thing is really clear…we are entering a brave new world Toto…and it ain’t pretty!
Here is a great explanation of DDoS attacks by Gizmodo…at the most basic level, work like this. An attacker sends a flurry of packets, essentially just garbage data, to an intended recipient. In this case, the recipient was Dyn’s DNS servers. The server is overwhelmed with the garbage packets, and can’t handle the incoming connections, eventually slowing down significantly or totally shutting down. In the case of Dyn, it was probably a little more complex than this. Dyn almost certainly has advanced systems for DDoS mitigation, and the people who attacked Dyn (whoever they are) were probably using something more advanced than a PC in their mom’s basement.
The introduction of the Internet of Things (IoT) has created a whole new world as it it is possible to highjack insecure internet of things devices and turn them into a massive DDoS army has contributed to an uptick in the size and scale of recent DDoS attacks. It that what happened today?
Is this our brave new world? It’s unclear how long it could take for the folks at Dyn to fix this problem, or if they will ever be able to solve the problem of being hit with a huge DDoS attack. But this new breed of DDoS attacks is a scary problem no matter how you look at it.