All You Need To Know About The Recent Dyn DDOS Attack
A week ago, on 21st October 2016, Dyn Inc. were targeted by one of the biggest DDOS (Distributed Denial of Service) attacks. It saw huge websites such as Twitter, SoundCloud, Spotify, eBay, Playstation, The Verge, The Telegraph, Amazon, Netflix, Tumblr, Etsy, Pinterest, Basecamp, AirBnB and Reddit (to name but a few) down and out for the count.
But what does this mean for companies, and even the ordinary everyday folk? Well, in this blog post we aim to teach you exactly what happened, why it happened and what could be done by everyone to avoid attacks like this in the future.
The Basic Details
So we already know some of the popular websites affected in this attack and when the attack happened, but who exactly is Dyn Inc. and what did the attack exactly consist of?
Dyn Inc. are an internet directory service that offers DNS (Domain Name System) services to these large websites. It’s a system that converts alphabetical names into numerical IP addresses. So, for example, when you type in a website (URL) into your web browser, DNS servers like Dyn Inc. return that IP address associated with that name.
Image credit: DownDetector
The attack itself came in 3 rounds; one at around 9am, another at noon and the last one came at around 4:30pm ET. It mostly affected those living in the United States, but Europe was also slightly affected. Sky News reported that the attack was potentially carried out by a group called “New World Hackers”, suspected to be a group of around 30 teenagers (the ‘head’ of which, Ownz, is based in London) who were merely “testing their power” rather than making demands.
What Did Dyn Have To Say About The Matter?
“It’s a very smart attack. As we mitigate, they react.” was one of many reactions by Dyn’s Chief Strategy Officer, Kyle York over the course of the day. He also said “There are 3.4 billion internet users globally and 10 to 15 billion IoT devices. It’s a complex world. All we can do is lock arms together and see how we can rectify this.”, according to a report from TechCrunch.
Image credit: Crunchbase
“We are working incredibly diligently on that with the law enforcement community and infrastructure community,” York said, commenting on who may or may not be responsible. “No one wants to be next.”. York even reported that Dyn were working closely with the Department of Homeland Security to find the culprits.
Why Was Dyn Attacked?
It’s difficult to say exactly why Dyn were attacked specifically, as it’s still not 100% clear who attacked them in the first place (even though New World Hackers claimed to be responsible for the attack). It’s at least clear to everyone that the hackers are nothing to be afraid of as no demands were made, it is very likely that it is merely a group of teens.
Image credit: Mike Rastiello via Flickr
You could argue that Dyn were attacked because they are a large business with many high end clients, but Ownz (leader of New World Hackers) claims the attack was to show weakness in the security of the business. He said: "I think you can see how fragile the internet network actually is.".
How does this affect you?
Initially you would think that the attack makes little to no difference to anyone outside of Dyn, but unfortunately the way in which the attack was carried out involves almost all of us. How? Because of a little thing called “The Internet of Things” (also known as IoT).
You see, Dyn later determined that the traffic used for the attack came from the ‘Mirai Botnet’, this is a network of infected IoT devices that have been more successfully used in large DDOS attacks. These can be normal household objects such as webcams, thermostats and televisions, that connect to the internet in some way.
Image credit: David Burillo via Flickr
There has been a huge rise in unsecure IoT devices, as many of them either come with default usernames and passwords of they do not come with them at all. This means that anything, or anyone, can connect to it (as long as it’s connected to the internet).
Kate Bevan, expert Technology journalist, told Sky News: "It's your fridge, it's your printer, it's your wi-fi kettle - it's all of these devices which are online and a lot of them are incredibly insecure. They have default passwords which consumers can't change."
What Can You Do To Help?
For homeowners it’s a simple case of only buying devices for your home that can be controlled by yourself with a username and password (your own, not the default one). Make sure that you are buying secure devices from reputable dealers before connecting to them. Also be sure to have a username and password to connect to your internet in the first place.
Image credit: Daniel Aleksandersen via Flickr
For those devices that simply do not have usernames and passwords please make sure that you’re only connecting them to the internet when you need to. We’re all guilty of leaving devices permanently connected to the online world and it’s a contributing factor to these large-scale DDOS attacks.
For businesses it’s much the same, but with much better online security. Web security is key when you own a business and as much as this kind of attack is only likely to happen to larger businesses, it’s much better to be safe than sorry. You can also consider the many benefits of managed IT support, superb web security and 24/7 monitoring being just two of them.