A major Internet outage affected many of the world’s biggest online firms on Friday, with websites including Twitter, Netflix, Spotify, Reddit, PayPal and eBay down for long stretches. Other services such as PlayStation Network also appeared to be hit by the outage. Google and Facebook were unaffected.
The widespread disruption was the result of a coordinated assault on some of the underlying infrastructure that powers the Internet. Dyn, one of several companies responsible for hosting the crucial web directory known as the Domain Name System (DNS), suffered a sustained so-called “distributed denial of service” (DDoS) attack, leading many people intermittently to lose access to specific sites or to the Internet entirely.
A DDoS attack means hackers hijack vast numbers of internet-connected devices to swamp a victim’s website with so much junk traffic that it is unable to cope. Dyn, based in New Hampshire, said the attack began shortly after 12pm BST. Twitter, Netflix et al were not directly targeted, but the attack on Dyn – which reportedly serves around 30 Fortune 500 companies – affected users’ access to those sites.
The company indicated that the issue had been fixed by 2.30pm, but that the assault began again a couple of hours later. Just before 7pm BST the firm said on its status page that the “advanced service monitoring issue” had been resolved, but that its engineers were “still investigating and mitigating the attacks on our infrastructure.”
It still isn’t clear where the cyber-attack originated. Kyle York, Dyn’s chief strategist, told the New York Times that the hit on its servers was highly sophisticated. “This was not your everyday DDoS attack,” he told the newspaper, whose own website was affected by the incident. “The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,” Mr York warned.
In a recent essay entitled “Someone is Learning How to Take Down the Internet,” web security expert Bruce Schneier wrote that someone had been “extensively testing the core defensive capabilities of the companies that provide critical internet services.” Though no culprit has been identified, Mr Schneier suggested “it feels like a large nation state. China and Russia would be my first guesses.”
In a tweet, Wikileaks appeared to credit supporters of its founder Julian Assange for the attack, asking them “to stop taking down the US internet” and suggesting they had “proved [their] point”.
Lawrence Orans, a research vice president at Gartner specialising in web security and DDoS attacks, agreed with Mr Schneier’s analysis. “An attack of this magnitude can’t be executed by a kid in his bedroom,” he said. “It’s more sophisticated than that. A nation state would be a prime suspect.”
The US authorities are thought to be concerned that such attacks could be used in an attempt to somehow disrupt the coming presidential election. The Department of Homeland and Security and FBI were both investigating Friday’s attack, Reuters reported.
While DDoS attacks “do not cause permanent damage,” Mr Orans explained, they can temporarily affect communications, sow a sense of chaos and in some cases cause economic effects, for example by attacking retailers during a sale season. “It’s a temporary disruption to make a point,” he said. “But it’s highly inconvenient.”