Dyn, the dynamic domain name service provider, recently became the target of repeated distributed denial of service or DDoS attacks, cutting people's access to a number of their favorite websites.
Dale Drew, the leading security officer with Level 3 Communications, notes that the attack is partially caused by a "botnet" of Internet of Things devices.
On the morning of Friday, Oct. 21, internet users from the East Coast noticed that webpages such as Twitter, Etsy, Spotify, Netflix and GitHub were unresponsive. The source of the problem was that Dyn, one of the United States' largest internet management firms, was flooded with junk traffic.
East Coast outages were resolved in about two hours, but attacks kept landing during the day.
Twitter affirms that some of its users still cannot sign up to the service, but promises that it is looking into the matter.
Hackers made use of a DDoS attack in which they pooled swarms of internet-connected devices such as routers, security cameras and even computers into a botnet - and went for Dyn's servers.
One of Dyn's main attributes is to filter out bad traffic headed to the websites, and the attack on Friday targeted specifically that. The overwhelming of Dyn allowed malicious users to keep other internet surfers away from popular websites.
DDoS attacks are nothing new, as they have been an effective hacking tool since the dawn of internet. Last month, a DDoS offensive hit security expert Brian Krebs' website with no less than 620 Gbps of traffic.
Flashpoint, a company with expertise in cybersecurity, notes that the botnet that disabled Dyn was crafted using the same malicious software responsible for the hack against Krebs.
The ill-intended software is dubbed Mirai, and what it does is to enslave large numbers of IoT devices, which can then be manipulated to launch DDoS attacks. What is worse, the source code for Mirai went public earlier this month, which might explain its resurgence in the recent hacks.
So far, massive attacks on platforms such as Reddit and Twitter were rarely successful.
Jeremiah Grossman, helm of security for digital security company SentinelOne, explains that big players in the tech world are juicy targets for actors who orchestrate large-scale DDoS attacks.
The fact that most devices in our homes are linked to the internet is no help, either. Prior to the IoT, hackers had to use consistent networks of computers to launch a consistent attack. Now, they simply have to tap into millions of refrigerators, smart TVs, security cameras and home routers to see their ill intentions put into motion.
It should be mentioned that the devices are relatively easy to hack into. That is why Symantec's Shankar Somasundaram estimates that the DDoS attacks are about to become more frequent and more perilous.
"There will be more of these attacks," Somasundaram warns.