A number of websites—including Twitter, Netflix, and PayPal—were disrupted today by an early morning cyberattack against a key company responsible for routing internet traffic. The company, Dyn, has been posting a series of updates throughout the day, claiming that it came under multiple Distributed Denial of Service (DDoS) attacks. A DDoS attack floods a website or server with traffic from multiple sources, slowing the targeted site or shutting it down altogether.
In this case, the target was Dyn, a major provider of Domain Name Servers (DNS), which allow internet traffic to get routed properly. (Gizmodo has an excellent breakdown of how DNS servers work, and why an attack on a major provider of them would impact so many sites at once.) The attack started at about 7:10 a.m. on the East Coast of the United States, and the company was initially able to restore service. But later in the morning a second and more widespread attack ensued, and service disruption might have spread to Western Europe, according to Reuters.
Today’s attack is being investigated by the US government as a “criminal act,” Reuters reports, and it could be just the latest in what the Department of Homeland Security has characterized as increasingly powerful DDoS attacks. In an October 14 message posted on the DHS Computer Emergency Readiness Team page, the agency warned of “increased risks” of massive DDoS attacks because of poorly secured internet-connected devices such as cameras and home routers. “Recently, [Internet of Things] devices have been used to create large-scale botnets—networks of devices infected with self-propogating malware—that can execute rippling distributed denial-of-service (DDoS) attacks,” the warning read.
Although it’s unclear who is behind the attack, in an early Friday evening tweet, WikiLeaks told its supporters:
Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point. pic.twitter.com/XVch196xyL
— WikiLeaks (@wikileaks) October 21, 2016
By the way, here’s what a DDoS attack looks like when it’s visualized (via Gizmodo):