Nate Lanxon , Jeremy Kahn , and Joshua Brustein
October 21, 2016
https://www.bloomberg.com/news/articles/2016-10-21/internet-service-disrupted-in-large-parts-of-eastern-u-sHackers temporarily shut down access to websites for internet users along the U.S. East Coast Friday morning, in what experts say was a coordinated and curiously timed attack on one particular Domain Name Server provider.
Dyn Inc. reported a distributed denial-of-service, or DDoS, attack at around 7:10 a.m. New York time, which left millions of people without access to Twitter, Spotify, Reddit and The New York Times, among other sites. Dyn restored service at 9:20 a.m. but was offline again at around noon, as another attack appeared to be underway, also affecting the West Coast.
DDoS attacks on companies like Dyn, which facilitate the loading of web pages, have increased recently in both size and intensity. The latest comes the day after Doug Madory, director of Internet Analysis at Dyn, gave a presentation at an industry conference about research he had done on questionable practices at BackConnect Inc., a firm that offers web services, including helping clients manage DDoS attacks. According to Madory, BackConnect had regularly spoofed Internet addresses through a technique known as a BGP hijack, an aggressive tactic that pushes the bounds of industry.
Madory’s research was conducted with Brian Krebs, a well-known writer on computer-security issues. Krebs also published an article based on the research last month. Within hours, his website was hit by a “extremely large and unusual” DDoS attack, he wrote.
The barrage likely originated with a large amount of poorly secured devices like internet-connected cameras, routers, and digital video recorders, according to an analysis of the attack on Krebs’s site. These devices, collectively referred to as the “Internet of Things,” have been the source of an increasing number of attacks since early 2015, Flashpoint and Level 3 Threat Research Labs said in a report published last month.
BackConnect has denied having any connection with the incident involving Krebs’s website, and didn’t immediately respond to a request for comment Friday. Krebs wrote on his blog Friday that he had no evidence that the attacks on Dyn were related to Madory’s research. Dyn didn’t respond to requests for comment Friday.
(more at link)