The internet broke on Friday. Or at least, a large, very popular portion of it did.
Hundreds of popular sites including Twitter, Netflix, and CNN have faced intermittent issues and outages following an ongoing Distributed Denial of Service (DDoS) attack on New Hampshire-based Managed DNS provider Dyn.
In a series of statements, Dyn said that it first became aware of the attack around 7:00 a.m. EST Friday morning and that its services were restored roughly two hours later. Two hours after that, the company said it was working to mitigate another attack. The DDoS incident was finally resolved at 10:17 PM Friday night.
Notable sites knocked offline by the attack include:
According to researchers at Flashpoint, the massive DDoS attack was the product of Mirai, a malware that co-opts vulnerable “Internet of Things” (IoT) devices such as CCTV cameras, webcams, DVRs, printers, and more.
Flashpoint researchers found that the botnet used in Friday’s attacks was made up of DVRS and web-connected cameras made by a Chinese company called XiongMai Technologies.
After that revelation, Xiongmai announced a recall of some its products sold in the US and promised stronger password functions and a patch for products made before April last year.
A group called New World Hackers has claimed responsibility for the attack, which they called a “capabilities test,” but the claim has not been independently verified. The New World Hackers group is known for knocking the BBC offline last year.
As of yet, the true intentions of the attack are unknown—it could be a capabilities test for taking down the internet, as indicated by New World Hackers, but as noted by Paul Mazzucco, TierPoint CSO and Solutions Reviews contributor, DDoS attacks are often deployed as smokescreens, intended to provider rover for a more serious breach or theft of data.
“About one-third of all DDoS attacks are multi-vector attacks that include more subtle invasions that never cross the IT security radar until it’s too late,” said Mazzucco.
The U.S. Department of Homeland Security is monitoring the situation, White House spokesman Josh Earnest told reporters Friday, but has not released any information on who may have been behind the attack.
- Six Endpoint Security Vendors to Watch in 2018 - November 28, 2017
- Bitdefender Releases Cloud-Based Endpoint Detection and Response Tool - November 13, 2017
- CrowdStrike Adds Vulnerability Management Module to It’s Endpoint Protection Platform - November 10, 2017