Update: Morning attack on DNS provider resumes, internet burns

xiongmai technologies recall devices friday ddos attack ddosattack
The internet was burning this morning, or at least a portion of it was.

A cyberattack on Dyn, a major internet management company, left much of the web in shambles, with users reporting issues with popular sites like Twitter, Spotify, SoundCloud, Airbnb, and more. On Friday morning, Dyn informed the public that the company had begun “monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure.” As a result, the firm continued, “Some customers may experience increased DNS query latency and delayed zone propagation during this time.”

A DDoS attack, or “distributed denial of service,” is one of the more common methods used by hackers, and involves sending huge volumes of traffic to certain servers to prevent others from using them. Dyn adds that mostly the eastern portion of the United States is being affected. The outages were first noted by Hacker News, which also reported that “if sites reported as down are working for some users, those users’ machines have likely cached the DNS response for those sites.”

It was unclear at first who was responsible for the DDoS attack, but given the widespread nature of the attack, it seems safe to assume that these folks are no amateurs. At around 8:45 a.m. ET, Dyn noted that the attack was “mainly impacting Managed DNS customers in this [Eastern] region,” and that the company’s engineers were “continuing to work on mitigating this issue.”

As it turns out, the Internet of Things (IoT) was at the root of the attacks, with large numbers various kinds of IoT devices being taken over and used to launch the massive assault on Dyn, as Kreb on Security reports. Everything from CCTV cameras to DVRs was used, and apparently, the nefarious tool used to find and take them over was Mirai, used in an attack on Kreb’s site in September.

Security firm Flashpoint confirmed that Mirai was at least partially involved, and the IoT devices used included components made by Chinese company XiongMai Technologies. As Flashpoint’s director of research said, “It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States.” Nixon clarified that while Mirai was certainly involved, there could have been other botnets behind the attacks as well.

Given how ubiquitous IoT is becoming, with millions and perhaps even billions of devices scattered around the world and potential open for being turned into DDoS zombies, it’s likely that attacks like today’s will be repeated. The solution would be to ensure that each and every IoT device is designed against such vulnerabilities and that users apply the proper security principles to keep them locked down.

Updated on 10-21-2016 by Mark Coppock: Added additional information about the likely source the DDoS attack.

Mobile

Huawei's situation in the U.S. may improve when trade war is resolved

The U.S. Commerce Department has added Huawei to its "Entity List." Google, Intel, and ARM are all confirmed or rumored to be ceasing business with the company, which may have disastrous effects on Huawei.
Computing

Keep your kids safe online with these great parental control tools

The internet can be a dangerous place, especially for your loved ones. Check out our selection of the best free parental control software for Windows and MacOS, so you can monitor your child and block unsavory sites.
Mobile

The world can be your oyster with a little help from the best travel apps around

Traveling doesn't need to be a time-consuming nuisance. Our handpicked selection of the best travel apps will keep things simple, whether you need cost comparisons for hotels or directions to renowned eateries.
Mobile

Embattled Huawei preps its own backup operating system that runs Android apps

According to a new report, Huawei is developing its own mobile operating system, just in case it loses its access to Android -- something that could happen to ZTE in the near future.
Computing

These external drives have speed, durability, and storage space to spare

Whether you want an external storage drive that is fast, portable, or comes with a ton of storage, these are the best external hard drives available today. They all come with great features and competitive pricing.
Computing

The 2019 ThinkPad lineup is robust. Here's how to pick the right one for you

Be it the X series, the T series, E series, it can be tough to find the best Lenovo laptop that is right for you. To help, we'll break down all the options available to make your choice a more informed one.
Computing

Here’s how to watch AMD reveal its new Ryzen chips at Computex

AMD will hold a pre-Computex keynote May 27 to announce its new line of 3rd-generation Ryzen processors and accompanying Radeon Navi graphics cards. Here's how to watch the keynote live wherever you are in the world.
Computing

Should you buy a MacBook Pro or a Razer Blade Stealth? We'll help you decide

Laptop head to heads are a great way to see which one might be the right one for you. Our latest sees the Razer Blade Stealth (2019) vs. MacBook Pro in a fight to see which one deserves to be your next laptop.
Computing

AMD's latest Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.
Computing

Ryzen 3000 chips will pack a punch, and could launch as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far.
Mobile

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.
Deals

The best Amazon Prime Day 2019 deals: Everything you need to know

Amazon Prime Day 2019 is still a few months off, but it's never too early to start preparing. We've been taking a look at the best discounts from previous Prime Days to give you our predictions of what to expect this year.
Computing

Microsoft might finally embrace USB-C on next-gen Surface Pro 7

USB-C could finally come to Microsoft's Surface Pro tablet. According to a Microsoft patent filing, the port was shown in an illustration, suggesting that the company is working to support this feature in the future.
Computing

Here’s how to watch the Nvidia Computex 2019 press conference

Here’s everything you need to know about Nvidia’s upcoming press conference at Computex 2019 in Taipei, Taiwan; including what to expect during the press conference and how and when to watch it.