Much of the Internet was brought to a screeching halt Friday as a cyberattack on Watch Vanguard Onlinea company many had previously never heard of brought down many of the most popular online services, including Twitter and Spotify.
As of Friday afternoon, much of the drama was still playing out, though more details are slowly emerging. While the full story won't be clear for some time, if ever, we are now beginning to understand how this happened.
This particular attack targeted Dyn, a New Hampshire-based internet company that provides a service called domain name systems to some of the most-trafficked sites on the internet.
Domain name systems, or DNS, is a key part of the underlying infrastructure of the internet. Sometimes described as the "phonebook" or "GPS" of the internet, DNS enables browsers to connect with websites.
DNS enables browsers to connect with websites.
When you enter a URL, like twitter.com, into your browser, you understand that you are trying to access Twitter, but your computer can only point you to the correct website when the URL is translated into a specific numerical code called an IP address. DNS is the technology that translates URLs into IP addresses.
A particular service, like Twitter, usually isn't hosted in a single place. Much of its data is duplicated and stored on servers in several regions so, say, users in New York can access the site as quickly as those in Hong Kong. Thanks to DNS and DNS service companies, your browser knows which data is the best to access, and they also keep the data current.
By targeting Dyn, this attack disrupted that process so that your browser can't figure out where it needs to go when you enter the URL. This also makes it particularly challenging for affected sites since over the last few years they've handed DNS services almost completely over to third parties (in this case, Dyn).
Intel Security's Chief Technology Officer Steve Grobman compares it to losing GPS when you don't know where you're going. "If you think about going to the store but the GPS system was compromised and you had no way to navigate there, it doesn't really matter that — in theory — the store is open somewhere," he explains
In this case, the attackers used a technique called distributed denial of service (DDoS) in order to bring down Dyn, which in turn made Twitter and many other sites inaccessible. DDoS attacks, which are surprisingly simple and increasingly common, use huge networks of malicious software called botnets to bring down a specific service by overwhelming it. Think of how websites sometimes go down due to huge, often unexpected, volumes of traffic; DDoS attacks are designed to intentionally bring services down the same way.
Dyn has yet to elaborate on the source of the attacks, but security analysts at Flashpoint say they have linked the attack to previous ones that have used networks of connected devices, like "smart" refrigerators and other gadgets, to bring down websites. As Mashablepreviously noted, the so-called "Internet of Things," is an easy target for hackers to turn into botnets as many devices have lax security.
It could be some time before we find out the source of the attack and just how widespread its effects are. But one thing is clear, it sets a troubling precedent for how back-end providers like Dyn can be exploited. By targeting the companies that power the typically invisible processes that make up the backbone of the internet, hackers can bring down all kinds of services without ever touching those sites themselves.
With each attack, the security community is learning.
Still, Intel's Grobman says the outlook isn't entirely negative, noting that with each attack, the security community is learning.
"In some ways, this event is positive in educating people that it's possible for critical capabilities that we rely on for information exchange — entertainment, access to media — can become unavailable due to a cyberattack, and that cyberattack might not have to be directed toward the entity itself.
"There'a lot we can learn. Really recognizing that anything in the critical path that can be attacked are things we need to look at as part of building a comprehensive defense."
Topics Cybersecurity
(Editor: {typename type="name"/})
Preserve Yourself!
Best Apple deal: Save $50 on 11
Devastating Akira ransomware cracked in hours using cloud computing
LinkedIn launches ‘Zip,’ a brain
Sméagol in the Sky
Retirement, Brought to You by Prisons, Inc.
Whitney Curry Wimbish ,July 17, 2017 Retir
...[Details]
SAVE $422: As of March 20, the Samsung 70-inch Q60C QLED 4K Smart TV is available for $677.69 at Wal
...[Details]
Pixel 9a vs Pixel 9: What are the differences?
Google just introduced the Pixel 9a, the latest smartphone in the Pixel 9 family. The Pixel 9a is th
...[Details]
Elon Musk's DOGE is breaking things it can't fix, warn IT experts
Elon Musk loves wearing his TECH SUPPORT T-shirt in the White House. He wore it to his Oval Office i
...[Details]
Bafflersplainer: Win the Future
Political Cartoons
...[Details]
Best thermostat deal: Get $40 off the Google Nest thermostat
SAVE $40: As of March 19, get the Google Nest Learning Thermostat for $239.99, down from its usual p
...[Details]
Best tablet deal: Get the Google Pixel Tablet for $120 off at Amazon
SAVE $120: As of March 20, get the Google Pixel Tablet for $279, down from its usual price of $399.
...[Details]
NCAA bracket: 3 strangest ways 2025 March Madness winners were picked
The NCAA basketball tournaments have finally arrived, and that means it's time to create a bracket o
...[Details]
After a surprisingly robust 2017, our collective attentions now turn to the new year, and many quest
...[Details]
NYT Connections Sports Edition hints and answers for March 19: Tips to solve Connections #177
Connections: Sports Editionis a new version of the popular New York Times word game that seeks to te
...[Details]
接受PR>=1、BR>=1,流量相当,内容相关类链接。
