The widespread disruption experienced across the internet on Friday was likely caused by hackers who launched a massive attack with web cameras and other smart devices, experts said.
Hackers blocked or slowed access to sites like Twitter, Reddit, Netflix, Airbnb and Spotify by targeting a company that manages a large flow of internet traffic. The company, Dyn, fell victim to a wave of distributed-denial-of-service attacks, or DDoS, that disrupted service beginning around 7 a.m. Eastern.
A target gets bombarded with massive amounts of data during a DDoS that cripples the ability to handle traffic from regular users. It’s a common method of attack, but rarely succeeds on the scale seen Friday. Other sites hobbled included CNN, HBO Go and PayPal.
A heat map showed widespread outages across the continental U.S. and, to a lesser extent, in parts of Europe, before 8 p.m.
So many sites fell because the New Hampshire-based Dyn is a major Domain Name System service provider. DNS helps get users to the actual numerical addresses represented by familiar web names like Netflix.com.
Dyn Chief Strategy Officer Kyle York said the attack came from “tens of millions” of devices that were infected with malware called Mirai. The New York Times reported that web cameras and home routers were among hundreds of thousands of devices used in the attack without their owners’ awareness.
Refrigerators, DVRs and other machines making up the so-called Internet of Things could have been used in the attack as well, according to Popular Mechanics. They are potentially vulnerable to hackers because consumers are less likely to protect these smart appliances with strong passwords, according to the magazine’s website.
Dyn reported around 9:45 a.m. that service had been restored from the first barrage. But later, the company acknowledged that the initial problem hadn’t been fixed and that two more DDoS attacks succeeded in affecting service on the West Coast and in Europe.
Anonymous and New World Friday, two hacktivist groups, claimed responsibility for the attack on Friday, according to Politico. The groups said the assault was in retaliation for the shutdown of WikiLeaks founder Julian Assange’s internet access by Ecuador. Security experts told Politico, however, that the true culprit has yet to be confirmed.
The Department of Homeland Security is reportedly investigating “all potential causes.”
There is no indication that this type of attack puts any consumer information at risk.