Skip to main content
  1. Home
  2. Computing
  3. News

Update: Morning attack on DNS provider resumes, internet burns

Lulu Chang
By

xiongmai technologies recall devices friday ddos attack ddosattack
Image used with permission by copyright holder
The internet was burning this morning, or at least a portion of it was.

A cyberattack on Dyn, a major internet management company, left much of the web in shambles, with users reporting issues with popular sites like Twitter, Spotify, SoundCloud, Airbnb, and more. On Friday morning, Dyn informed the public that the company had begun “monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure.” As a result, the firm continued, “Some customers may experience increased DNS query latency and delayed zone propagation during this time.”

Recommended Videos

A DDoS attack, or “distributed denial of service,” is one of the more common methods used by hackers, and involves sending huge volumes of traffic to certain servers to prevent others from using them. Dyn adds that mostly the eastern portion of the United States is being affected. The outages were first noted by Hacker News, which also reported that “if sites reported as down are working for some users, those users’ machines have likely cached the DNS response for those sites.”

Related

It was unclear at first who was responsible for the DDoS attack, but given the widespread nature of the attack, it seems safe to assume that these folks are no amateurs. At around 8:45 a.m. ET, Dyn noted that the attack was “mainly impacting Managed DNS customers in this [Eastern] region,” and that the company’s engineers were “continuing to work on mitigating this issue.”

As it turns out, the Internet of Things (IoT) was at the root of the attacks, with large numbers various kinds of IoT devices being taken over and used to launch the massive assault on Dyn, as Kreb on Security reports. Everything from CCTV cameras to DVRs was used, and apparently, the nefarious tool used to find and take them over was Mirai, used in an attack on Kreb’s site in September.

Security firm Flashpoint confirmed that Mirai was at least partially involved, and the IoT devices used included components made by Chinese company XiongMai Technologies. As Flashpoint’s director of research said, “It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States.” Nixon clarified that while Mirai was certainly involved, there could have been other botnets behind the attacks as well.

Given how ubiquitous IoT is becoming, with millions and perhaps even billions of devices scattered around the world and potential open for being turned into DDoS zombies, it’s likely that attacks like today’s will be repeated. The solution would be to ensure that each and every IoT device is designed against such vulnerabilities and that users apply the proper security principles to keep them locked down.

Updated on 10-21-2016 by Mark Coppock: Added additional information about the likely source the DDoS attack.

Editors' Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Cloudflare just stopped one of the largest DDoS attacks ever
Hands on a laptop.

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

The HTTPS DDoS attack was one of the largest such attacks ever recorded, and it came from unusual sources -- data centers.

Read more
Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more
Cloudflare reports a massive 175% increase in DDoS attacks
Person using laptop with security graphics in front.

Cloudflare, a web infrastructure and security company, has just released a report titled "DDoS Attack Trends for Q4 2021." According to Cloudflare, 2021 has been a particularly bad year in terms of DDoS attacks.

Ransom distributed denial of service (DDoS) attacks increased by over 175 percent quarter over quarter, highlighting the large scale of the problem described by Cloudflare.

Read more