How the DDOS attack that broke the internet works

Right now there are 42 computers on my personal network.

That doesn’t mean I have a computer cluster in my home to rival the Pentagon’s. Instead it means I have nearly four dozen individual networked devices — from game consoles to webcams — talking to the internet from my home.

And that’s a big problem.

Imagine all of those 42 computers as ticking time bombs — that’s why the attacks Friday that caused dozens of major sites to crash throughout the day are so scary.

DDoS explained: How attackers broke Twitter, Spotify and PayPal

The technique, known as distributed denial of service (DDOS) attacks, involves hackers taking over tons of individual computers and using them as a massive weapon.

Sometimes they take over your Windows or Mac laptops. But more often they attack tiny computers hidden inside smartwatches, fitness trackers and, most recently, Web-connected home security systems.

When those IoT devices are attacked, it’s like living in a house full of electronic zombies.

When your computers are compromised, hackers can force them to send millions of bytes of bad information to servers, resulting in a backlog that can crash even the most expensive and well-maintained systems.

Officials probe cyber attack causing major sites to crash

Twitter users were among those frustrated by the DDOS attack that shuttered sites worldwide.


DDOS attacks are dangerous because they are so easy to initiate and their sources are almost impossible to track.

One modern DDOS program replaces the code inside cheap Wi-Fi security cameras — the kind you see in bodegas — with attack code.

These cameras are easy prey because they have built-in administrator passwords that most users never change. These cameras are sold in over 105 countries and are constantly connected to the internet.

This code unleashes an internet worm that first looks around the internet for more cameras to infect and then waits for orders from a hacker.

Russian hacker who stole info from LinkedIn and Dropbox indicted

When the time is right, that hacker can start sending fake data from those cameras to the most important servers in the world, namely the ones that handle our domain name services, the systems that tells your computer the internet location of every site on the Web.

The worst part? When you unplug those cameras, even briefly, all of the malicious code disappears. You may never know you’re infected until its too late — and resetting the camera simply puts it in line to be reinfected later.

Modern hackers are using the little computers in our lives against important strategic targets. It will only get worse.

John Biggs, a former editor of Gizmodo and TechCrunch, says you should change your passwords to avoid attacks.

John Biggs, a former editor of Gizmodo and TechCrunch, says you should change your passwords to avoid attacks.


DDOS attacks leave no fingerprints — digital or otherwise — and the hackers can easily pull up stakes when someone notices them. State actors can masquerade as hacker groups and hacker groups can masquerade as state actors.

Foreign hackers target cell phones of Democratic Party officials

Only the smartest and most diligent cybersecurity investigators can follow the trail. Because DDOS attacks are so short — a few hours at maximum — it’s a race to trace the zombie computer ringleaders before the trail goes cold.

You can help in two ways.

First, you can change all of your default passwords. You can be diligent in what you connect to your networks and consistently check and update your hardware. And you can run simple security systems on your home routers to ensure that they can’t be turned into zombie machines.

Alternatively, you can shut down all the computers in your house and sit there quietly, safe in the knowledge that none of your tiny machines are doing anything at all. And that, I suspect, is an option few of us want to fathom.

John Biggs is a writer and maker. He was formerly an editor at Gizmodo and TechCrunch and lives in Bay Ridge, Brooklyn. You can read his books at


Send a Letter to the Editor

Join the Conversation: