There’s no evidence that the Dyn attacks are centered on the same tool known as MIrai, but Cunningham thinks it’s possible, given the size.
Advertisement
There are several companies that host DNS (Domain Name System) and Dyn is one of those that functions as a switchboard for the internet. That’s why the ripples of the attack on Dyne spread across the Internet and affected the performance of many sites throughout the day. However, the government’s website did go down during the attacks.
The affected Internet companies announced that they were also investigating the disruption in services that Dyn said was caused by DDoS attacks. In the past, experts have used router-filtering and over-provisioning bandwidth (making more available than necessary for day-to-day traffic) to account for attacks. Criminal hackers have found a way to use the web-enabled computers found in household devices like digital recorders and webcams in botnets, or remotely controlled networks sending malicious emails, to stage DDOS attacks. They called them “well planned and executed, coming from tens of millions of IP addresses at the same time”. We start to mitigate, they react.
Dyn said in a series of statements that it first became aware of the attack around 7 a.m. local time and that services were restored about two hours later. The bad news is: big chunks of the internet aren’t working because of a deliberate attack.
“It’s just so darn distributed”, York told reporters.
“The data center that houses their DNS servers are located geographically in this area”, she said. “And that’s the complexity of this”. “We have now applied mitigations to all regions that prevent impact from third party DNS availability events”.
As the US government investigates Friday’s massive internet debacle, security researchers are skeptical of the groups claiming responsibility.
Enderle said there is not as much money to be made in attacking DNS servers as in other types of attacks, like ransomware. For example, if a country believes a hostile government is threatening it with attack, the country could disrupt DNS servers, to show that the hostile government is vulnerable as well, Enderle said.
A cyberattack that took down large swaths of the internet around the world on Friday was carried out, in part, by unsuspecting devices connected to the internet. “For more information visit our status page”. The same botnet was also reportedly responsible for an attack against the website of prominent and influential cybersecurity blogger Brian Krebs.
Advertisement
A recent report from cloud security provider Akamai said it saw a 129 percent increase in DDoS attacks against its customers in the second quarter of 2016 versus the same period previous year.
