Friday’s internet outage

Map of affected users (Source: Downdetector.com).

Friday’s internet outage was caused by multiple sustained attacks against one of the internet biggest service providers, Dyn DNS. The attack blocked access to services like Twitter.com for millions of users in the east coast of North America. The FBI is investigating the outage as a possible criminal activity and some have gone so far as to suggest Russian responsibility.

To understand what happened, imagine the following:

You have a friend, Bob, whom you’d like to write. Bob moves around a lot and he has no telephone. To get his address, you have to call his girlfriend Jenn. Jenn always has Bob’s physical address. And so, every time you wish to write to Bob, you call Jenn to get his latest address.

This goes on for a while until one day, Bob makes an enemy: Mike. Mike knows that the only way to reach Bob is through Jenn so he devises a plan: he is going to call Jenn non-stop, preventing anyone who wants Bob’s address from ever reaching him. Mike calls so much, in fact, that Jenn unplugs her phone out of frustration. To Bob’s friends, he is no longer accessible. This act of denying access is called a Denial of Service attack.

But Bob is still accessible (just like Twitter was yesterday), it’s just that there is no way of getting his physical address. If you knew someone else who knew Bob’s address, you could write to him (and one of the solutions to yesterday’s problem was exactly that, using a different DNS provider).

In the example above, you are your web browser, Bob is the website you are trying to access and Jenn is Dyn DNS.

Friday’s situation was, naturally, much graver. In our example, Mike is the one blocking Jenn’s phone line. In reality, Dyn DNS (the Jenn) can accept many “phone calls” simultaneously but it was “called” by even more hacked devices acting together in a coordinated assault. These devices are said to be our compromised computers, connected security cameras, routers and generally anything with a microprocessor that is also connected to the internet. Rough estimates place the number of attacking devices at “tens of millions”. Together, this attack is called a Distributed Denial of Service attack (DDoS).

As of this writing, there is still no indication as to why the attack targetted Dyn DNS nor who is responsible as there was no ransom note.

As our homes become connected, and more of our technology gains intelligent properties (e.g. smart lightbulbs), so will they provide computing power to any hacker interested in taking possession of the device to inflict DDoS attacks against private or public infrastructure. As consumers we can help. A good start is to always update your software and only purchase smart electronics from reputable businesses.