The Dyn Attack
As I’m writing this article, a multitude of websites across the country are experiencing issues with DNS response and load times. Even some of the biggest and most secure ones out there have been affected — Spotify, Amazon, Netflix, and Twitter. Gizmodo even said that it’s possible that half of America’s internet shut down. (for a full list, go here)
This attack is not directly on the websites individual IP addresses or even Amazon or Google’s servers, but is on one of the main DNS hosts, Dyn. As a DNS host, Dyn basically acts as a phone operator for the internet, connecting user requests with their final server and IP address. By shutting down a DNS server, requests to websites cannot be completed and therefore render the affected websites useless. The hackers — and we’re not sure who is going to claim responsibility yet — have attacked Dyn through a DDoS attack, or a distributed denial-of-service attack.
DDoS attacks are very popular among many hacker groups — such as Anonymous, Lizard Squad, and The Level Seven Crew. A DDoS attack commonly involves a world-wide connected network of zombie processing machines, better known as botnets. A botnet is formed by installing malicious code from websites, emails, or downloaded patches/software. Hackers then can access the computers computing power and IP address to start flooding a web server with requests. A couple computers making simultaneous requests would never be an issue for DNS servers, but hundreds of thousands of computers making simultaneous requests can paralyze even the most secure and sophisticated web servers.
At first, the outages mainly seemed to be affecting websites on the east coast, but complaints of outages on the west coast and in Europe have surfaced. No one is quite sure how expansive the attack is, but Dyn assure’s us they are handling it. “This morning, Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States,” Doug Madory, Director of Internet Analysis at Dyn, said in an e-mail sent to Ars this morning. “DNS traffic resolved from east coast name server locations are experiencing a service interruption during this time.”
DDoS attacks and other forms of digital warfare have become increasingly common as more and more of our world lives on the internet and in the cloud. As said on the Federation of American Scientists website, “Digital war, a subset of what we call information war, involves non-physical attacks on information, information processes, and information infrastructure that compromise, alter, damage, disrupt, or destroy information and/or delay, confuse, deceive, and disrupt information processing and decision making.” Stereotypically, people think of hackers as guys with box of pizza, in a dark basement, writing code all day. While sometimes that stereotype holds up, many companies, governments, and people use hacking in different ways. In some cases, hackers use hacking for political or social reasons— which we would call hacktivism — while others, like Snowden, use it to expose unethical behavior, and some use it to harm others. Hacking and digital warfare in the 21st century has the ability to affect all of our lives into the future.
Hacking is not a new thing. People have always hacked — software, games, hardware— and it’s helped invent things that have moved humanity forward. In fact after some of the most notorious hackers get caught, the government hires them to make government systems more secure. For the government and for businesses, dealing with security and determining the availability of highly privileged information proves to be incredibly challenging. While we can create very secure information systems, almost every system has some vulnerability that can be used to create a backdoor. Hackers sometimes exploit these backdoors for classified information, other times they just want to flex their muscles.
On one hand, Hacking has the incredible potential to create better products, better systems, and further thought leadership, but on the other hand, hacking has the ability to cause mass panic, distress, and destruction — from shutting off power grids, disrupting transportation systems, and infrastructure, to stealing credit card numbers, manufacturing new identities, and leaking documents. We can hack the human genome to cure cancer, or we can hack the voting system and cause election fraud. As part of the generation that defined what the internet is and what it can be, we’ve helped develop new kind of war — a digital war.
