Parts of the internet ground to a halt on Friday, October 21, when a group of hackers targeted Dyn with a distributed Denial of Service attack. The attack temporarily broke the path to many websites, including Twitter, and blocking similar attacks in the future will be a monumental task because the hackers used the internet-connected devices already in our homes.
Distributed Denial of Service, or DDoS, uses thousands of online devices to overwhelm targeted servers with garbage data. Those can be computers, but in this case they were webcams and other Internet of Things devices in homes, offices, warehouses, and factories.
A common DDoS tactic is to target a specific website and overload it with more traffic than the servers can handle, taking the site down. In this case, the hackers launched a DDoS attack on Dyn’s DNS servers, so the system that tells your Web browser where to find the site you want to view went down.
The websites you wanted to visit were still running fine, but the DNS servers telling your browser where to find the sites were slow to respond or failed to respond. The end result was that websites appeared to be down while sitting idle waiting for page requests from browsers.
Dyn and DDoS
Dyn is one of the many companies that manages Domain Name Servers, which translate human-understandable URLs—like macobserver.com and apple.com—into the numeric IP addresses your Web browser needs to connect to the sites you visit. If those Domain Name Servers, or DNS, are offline, your browser is essentially shouting into an empty room and waiting for a response that won’t come.
Targeting Dyn was a clever move because instead of taking a single site offline, it blocked access to several sites. That cleverness came, however, at the expense of site owners who couldn’t get traffic during the attack.
A Russian group calling itself New World Hackers took credit for the attack initially saying it was a trial run for something much bigger. Later, NHW changed its story to say that while it was responsible for the Dyn DDoS attack and last December’s BBC DDoS attack, it was done and wouldn’t target any other servers.
The group made their announcement on Twitter, which is something of an ironic twist considering the social networking service was one of their intended targets. The group said, “This is an announcement to the public. We are done hacking and we have considered retirement…If any of you feel the need to just hack or DDOS something, it’s not worth it if you don’t have a good explanation.”
Announcing their retirement is little consolation considering there are countless other groups ready to pick up where New World Hackers left off. It’s also a problem because the group made it painfully clear how IoT devices can be exploited in DDoS attacks.
Next up: Dealing with Internet of Things security