US Probing Cyber Attacks On Twitter, Amazon, Other Websites
- Author: Leroy Wright Oct 30, 2016,
Oct 30, 2016, 18:37
Dyn, a company that acts as a switchboard for internet traffic, said Friday it began experiencing a so-called distributed denial-of-service attack, or DDoS, just after 7 am. The outages were caused, at least in part, by malware sent by hackers to devices connected to the internet.
With the use of this "very sophisticated and complex attack", as described by cyber security researchers Flashpoint, big websites like Twitter, Amazon, Netflix, Spotify, Reddit, and PayPal suffered outages and service interruptions throughout the day.
Hundreds of thousands of devices appear to have have been infected with the malware.
Dyn said it is monitoring for signs of additional attacks.
Krebs, whose website was targeted by a similar attack in September, said the XiongMai devices are "essentially unfixable" and will remain a danger to others unless they are totally removed from the internet.
It was announced at 3:15 Friday afternoon that Dyn had resolved the third wave of the attack.
The sheer scale of the attack knocked off large parts of the internet and left people in the U.S. and some parts of Europe without access to a number of sites. Attackers also used the botnet in a recent attack on the website of investigative cybersecurity blogger Brian Krebs and the other against a major French internet service provider. A DDoS attack - or denial of service - is an attempt to flood a website with so much traffic that it impairs normal service. "But that the underlying weakness which makes them successful can and will be used to unleash more serious attacks".
Although Dyn managed to fend off the disruption and restore access to its service, Mirai-powered botnets could easily strike again.
It hasn't taken long to come true: DNS provider Dyn has confirmed that the attack which took out major internet sites late last Friday was powered in no small part by Mirai.
He added: "This was not your everyday DDoS attack".
Domain Name Services are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites.
The scale of the attack led to suspicions that it might be state sponsored, but ZDNet security editor Zack Whittaker said the evidence is not yet clear.
The Federal Bureau of Investigation and the Department of Homeland Security are investigating the attack to determine its roots, including the possibility that a nation-state attack could be to blame.