Yesterday, major websites and services became victims of a well-coordinated cyber attack including PlayStation Network, Netflix, Twitter, Reddit and Spotify among a plethora of others.
Security firm Flashpoint has been working with Dyn – the company providing core internet services to the websites affected – to investigate the attacks.
“This was not your everyday DDoS attack”, Dyn chief strategist Kyle York told The New York Times.
DDoS attacks are common, but there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices – mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies.
Dyn, which is based in Manchester, New Hampshire, said that by 9:30 a.m., the first assault was stopped, but at 11:52 a.m., its servers were again attacked, and then under a traffic deluge again at 5 p.m.
The attack, which according to reports was conducted in three waves, was targeted against Dyn.
The FBI said Friday that it was “investigating all potential causes of the attack”, and the U.K.’s Home Office said it was looking into the matter.
While the exact source of the hacks has yet to be uncovered, a tweet from WikiLeaks claimed its supporters were behind the attack.
Although Dyn managed to fend off the disruption and restore access to its service, Mirai-powered botnets could easily strike again.
Any number of devices, including televisions, smart watches, alarm clocks, vacuum cleaners, children’s toys, and anything else with an internet connection are vulnerable to being infected and, without their owners’ knowledge, used in that kind of attack.
“The Internet of Things sort of ran way ahead of how the Internet was architected”, Dyn’s York said on a call with reporters.
The second attack broadened its net, affecting the U.S. West Coast.
Initially, outages were primarily impacting those on the East Coast, but by midday Friday, people in Europe were reporting outages as well. He said he had no information about who may be behind the disruption.
A map published by the website downdetector.com showed service interruptions for Level3 Communications, a so-called “backbone” internet service provider, across much of the USA east coast and in Texas.