A massive distributed denial of service (DDoS) attack has been aimed at a large DNS provider, knocking several of the internet’s most popular services offline this morning. According to Gizmodo, Spotify, Reddit and Twitter have been affected, though the attack is likely much more widespread than we currently realize.
The unknown attackers were able to knock off so many services at once by targeting a company named Dyn, which hosts DNS servers. The connection hasn’t been 100-percent confirmed yet, it seems, though Dyn does indeed name Twitter and other services, such as Netflix and LinkedIn, as its customers. Dyn promises that it’s able to “maintain high levels of availability and security, with minimal latency impacts, so your service is never down-and-out.”
That suggests it’s prepared for DDoS attacks, which might mean today’s is massive.
“Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure,” Dyn confirmed in a statement to Gizmodo. “Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.”
Was this attack caused by an IoT botnet?
Is it possible this is the latest from the Mirai botnet? Mirai, if you’re unfamiliar, was a botnet that used unsecured devices in the internet of things – printers, coffee machines, IP cameras, open Linux computers and the like – to send an unprecedented 620 Gbps of data at security researcher Brian Krebs’ website. We talked to hackers following that attack and, now that the Mirai code is open sourced, learned that these sorts of threats are only going to continue and increase in size.
“Once they’ve been hijacked, the devices can be switched from sending normal amounts of data to and from your computer, to sending massive amounts of data at a single target,” I explained in my report about DDoS attacks this month. ” Ultimately, the traffic from hundreds or thousands of these devices can exceed the throughput available to a website or a service, denying additional requests access.”
Twitter and other services seem to be operating properly now, with spotty outages. Let’s hope that’s the end of this attack.