On Friday, a massive DDoS attack caused serious disruptions to sites such as Reddit, PayPal, Spotify and a host of other companies served by Dyn, a company in New Hampshire that acts as a dedicated online optimization infrastructure.
Webcams and recording devices such as DVRs are assumed to have been the conduits for the attack, which used hundreds of thousands of internet-connected devices infected with malicious code. The resulting outages first began in the eastern part of the United States and spread across other parts of the country and to Europe.
The attack harried the affected sites, with many users reporting several of them down on Friday morning.
Dyn DDoS Attack Resolved
According to Dyn's official post on its site, the situation has now been resolved.
Before understanding just how a distributed denial of service, or DDoS, attack works, it's important to know the basic premise of domain name services, or DNS. Imagine that a considerable number of websites fell under one complex online directory. Think of the DNS as a phonebook that lists those websites. When a user wishes to access a site, the DNS makes sure the request arrives at the right one. The site gets delivered, and the DNS has served its function.
If the "phonebook" is not functioning, the user's request to reach a certain site goes unfulfilled. Since a number of sites, including Reddit and Spotify, use Dyn as their DNS provider, they were affected by the DDoS attack. Some sites, fortunately, have managed to come back up, while others haven't been so lucky.
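The dependency described above can be audited from a defender's side. The following is an added example, not part of the original article: it flags domains whose nameservers all belong to a single DNS provider and lists which domains stop resolving if that provider goes down. The domain names, nameserver names and the "last two labels identify the provider" rule are constructed assumptions for illustration.

```python
# Constructed sample data (not real delegations): domain -> its NS hostnames.
SAMPLE_NS = {
    "shop.example": ["ns1.provider-a.example", "ns2.provider-a.example"],
    "news.example": ["ns1.provider-a.example", "ns1.provider-b.example"],
    "blog.example": ["ns3.provider-b.example", "ns4.provider-b.example"],
}


def provider_of(ns_host):
    """Assumption: the last two labels of an NS hostname identify the
    provider. A production audit would use a public-suffix list instead."""
    labels = ns_host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def providers_for(ns_hosts):
    """Set of distinct providers behind a domain's nameservers."""
    return {provider_of(host) for host in ns_hosts}


def single_provider_domains(ns_map):
    """Map each domain that relies on exactly one provider to that provider."""
    result = {}
    for domain, hosts in ns_map.items():
        providers = providers_for(hosts)
        if len(providers) == 1:
            result[domain] = next(iter(providers))
    return result


def affected_by_outage(ns_map, down_provider):
    """Domains left with no reachable nameserver if down_provider is offline."""
    down = down_provider.lower()
    return sorted(
        domain for domain, hosts in ns_map.items()
        if providers_for(hosts) <= {down}
    )


if __name__ == "__main__":
    for domain, provider in single_provider_domains(SAMPLE_NS).items():
        print(f"{domain}: all nameservers at {provider} (single point of failure)")
    print("Unresolvable if provider-a.example is down:",
          affected_by_outage(SAMPLE_NS, "provider-a.example"))
```

In the sample, `news.example` keeps resolving during an outage at one provider because its delegation is split across two.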
What Are DDoS Attacks?
DDoS is a complex concept to grasp, especially since reading about it requires an understanding of its related terminology. DDoS falls under the broad category of "Denial of Service," or DoS, a phenomenon wherein a site is no longer able to provide users its regular services due to a number of reasons: capacity issues, server issues or other fairly benign disruptions. If the DoS becomes an "attack," signifying malicious underpinnings, then it's considered a DoS attack. The main difference of a DDoS attack is its scope. DoS attacks usually have a single attacker using a single system, but DDoS attacks employ multiple attack systems to carry out the attack.
In the case of the Dyn attack, hackers used common devices such as webcams and digital recorders to access the sites under Dyn. The hackers used the hundreds of thousands of devices infected with Mirai, a control software, to target Dyn, in an attempt to flood it with junk traffic, causing it to malfunction.
Often, DDoS attacks are associated with politics, coming hand-in-hand with an apparent climate of cyber-activism rampant in a given geography or political climate. It's still uncertain what might have triggered the attack, but the New York Times reported that the attack left many election officials worried.
"A DDoS attack could certainly impact these votes and make a big difference in swing states," said Dr. Barbara Simons, co-author of Broken Ballots: Will Your Vote Count?