Last week, on Friday, a massive disturbed denial-of-service (DDoS) attack was made by hackers on Dyn, a company which provides core Internet services to websites like Spotify, Reddit, SoundCloud, and Twitter. This caused slowdown and even outages across various accounts, confusing users around the world. The attack was huge, disrupting some big-name consumer services like Netflix and Spotify, all the way to enterprise-grade providers such as Zendesk and Heroku.
Essentially, a DoS attack attempts to overwhelm servers with junk traffic from multiple sources in order to make something unavailable for online users. The target simply crashes under such immense traffic pressure.
Since September, the number of inconveniences related to DDoS attacks have risen. It began with attacks on KrebsonSecurity.com and OVH and the severity of further attacks increased from there. It was reported that hundreds of thousands of devices were used to carry out these attacks. Evidence, however, points to the fact that the attack carried out last Friday relied on Internet of Things (IoT) devices rather than the use of servers and computers to carry out the attack.
The attack on Dyn’s server was considered not only massive and severe, but highly sophisticated as well. As it was reported, it came from millions of hacked Internet Protocol (IP) addresses. A sophisticated attack is one in which the adversary knows specifically what application s/he is going to attack, collecting intelligence about their target while attacking specific weak points of the target and not just a random system on the available network.
It is still not apparent what the intention of the attacker on Dyn’s server was, or who carried out this attack. One thing, however, is certain: the target selection and sophistication of the attack speaks volumes about the potential of the hacker(s) behind it. It is reported that both RedCult and New World Hackers have claimed responsibility for the attack, signaling to look out for further such attacks in the near future.
That being said, it is quiet early to hypothesize or blame someone for the attacks, but the usual suspect names in such cases are Russia and China. As security expert Bruce Schneier explains in one of his blog posts: “Wolf, you don’t know who is behind this, you don’t know if it’s foreign or domestic. What I do know is over the years we have tried to pass data security legislation. There’s been bipartisan agreement in the House. It has not moved forward into the Senate. We also know that a few years ago we tried to do a bill called SOPA in the House which required the ISPs to some governance on these networks and to block some of the bad actors.”