Cyber attack: Hackers use everday devices to cause major internet outages

Onslaught one of the largest cyber assaults of all time

Harriet Agerholm
Saturday 22 October 2016 10:05 EDT
Comments
A Google-owned data center.
A Google-owned data center.

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A major cyber offensive that brought down internet behemoths Twitter and Paypal is thought to have been launched by hackers using common devices such as webcams, baby monitors and digital recorders.

In a huge breach of global internet stability, hackers brought down well-known sites including Netflix, Twitter, Paypal and Spotify.

The widespread disruption was the result of a coordinated assault on some of the underlying infrastructure that powers the Internet. Dyn, one of several companies responsible for hosting the crucial web directory known as the Domain Name System (DNS), suffered a sustained so-called “distributed denial of service” (DDoS) attack, leading many people intermittently to lose access to specific sites or to the Internet entirely.

Attackers overwhelmed the system using hundreds of thousands of devices that had been infected with malicious code to create a "botnet", Dyn said it had fought off a number of different attacks throughout Friday. Outages were reported in the Eastern United States before sweeping across the country and over Europe.

DDoS attacks are common, but there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers.

"The complexity of the attacks is what's making it very challenging for us," Dyn's chief strategy officer, Kyle York told Reuters.

US Homeland Security and the Federal Bureau of Investigation (FBI) are investigating the breach. A spokeswoman said the FBI were looking into the incident and all potential causes, including criminal activity and a nation-state attack.

The enormous attack comes amid increased concern for cyber security in the US, after hackers broke into the computers of a series of US organisations, including those of the Democratic National Committee (DNC).

The hacks against the DNC have increased political tensions, with the US directly accusing Russia of carrying out the attacks.

During the third and final presidential debate, Ms Clinton accused Russian President Vladimir Putin of personally carrying out the hack.

Dyn said the onslaught was coming from millions of internet addresses, making it one of the largest cyber onslaughts of all time.

The internet outages on Friday were intermittent and varied by geography. Users reported that dozens of sites including that of CNN, the Wall Street Journal and some businesses hosted by Amazon.com could not be reached.

As part of a DDoS attacks, hackers flood targets with so much traffic they become overwhelmed and freeze. It still isn’t clear where exactly the cyber-attack originated.

Dyn said it had determined that at least some of the attacks were coming from common devices including webcams and video recorders infected with software called Mirai.

Security experts have previously warned that that such devices pose a security threat.

Dale Drew, chief security officer at communications provider Level 3, said that other networks of compromised machines were also used in Friday's attack, suggesting that the perpetrator had rented access to multiple so-called botnets.

The Mirai code was dumped on the internet about a month ago, and criminal groups are now charging to employ it in cyber attacks, according to Allison Nixon, director of security research at Flashpoint, which was helping Dyn analyse the attack.

Additional reporting by Reuters

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in