How An Attack On A Company You’ve Never Heard Of Shut Down The Internet

And how you can get your Netflix to stream again

If you were on the internet today, as you may have been if you’re reading this, then you probably noticed some sites are having trouble loading, and others are not working at all. There’s a good reason for that. Well, not a good reason, but a clear, obvious reason: someone is attacking the internet, and they’re succeeding.

The attacks have a single primary target: a company called Dyn DNS. The company is a middleman on the internet, providing the DNS service that routes requests from your computers or phones to the websites that are your final destination. When everything works smoothly, Dyn has a low profile, and there’s little reason to give it a second thought. But when the DNS servers go down, internet traffic can’t get anywhere, so popular sites are unreachable, and users are left wondering what, exactly, went wrong. The attacks have blocked everything from Grubhub to Github, leaving the hungry, the nerdy, and everyone else, with an internet experience that’s sorely lacking.

Dyn was shut down by a distributed denial of service (DDoS) attack, part of a wave of increasingly larger and larger DDoS attacks, launched from hordes of otherwise innocuous “smart” internet-connected devices that have been hacked. We’ve seen DDoS attacks before, but nothing quite on this scale. As William Turton notes at Gizmodo:

Security researcher Brian Krebs was, just last month, targeted by a then-record DDoS attack, which was then superseded by another attack on a French firm. How are the attacks getting so big, so fast? Krebs writes:

In the past, major outages could be as much a matter of human error as carefully selected attack. But the attack on Dyn isn’t a human failure so much as an infrastructure vulnerability, and one that’s only expected to grow. The botnet attack that overwhelmed Krebs and French firm OVH convinces servers to overload each other with requests, and to exploit security protocols on public networks.

In a profile of the DDoS bot for F5, Liron Segal writes: “considering the low cost to maintain an IoT DDoS botnet, and referring to Gartner’s forecast3 stating connected things…will reach 20.8 billion by 2020, we can assume the IoT infection vector to grow. We should anticipate DDoS attacks over 1 Tbps to become more common in the near future”

In the meantime, what can a user do? Find a different domain name server to start. Dyn’s DNS servers are extremely popular, but they’re not the only ones, and it’s easy for users to seek out a different server that’s not under attack. Daily Dot has a guide to getting around the Dyn outage. That will hold for now, but massive attacks, carried by Internet-of-Things things, will only stop when people stop making poorly secured Wi-Fi-connected juicers and Bluetooth-enabled umbrellas. At the very least, the companies that make smart egg-minders and cat-tracking water fountains need to continuously invest in security.

Then, and only then, will people who want to shut down the internet have to resort to physically hacking apart the internet with axes.