Categories: Security

‘Sophisticated’ DNS Attack Used IoT Gadgets To Target Dyn

The distributed denial-of-service (DDoS) attack on Friday that disabled access to some of the Internet’s biggest websites was highly sophisticated and involved tens of millions of IP addresses across different vectors, according to Dyn, the domain name service (DNS) hosting company that was targeted.

The incident, which affected sites including Amazon, Twitter, GitHub, Spotify and Reddit, was in fact made up of three separate attacks, Dyn said over the weekend.

IoT botnet

The first attack began at 7 a.m. ET, or noon BST, and took out service in the east coast region for about two hours, Dyn said.

“While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different,” said Dyn chief strategy officer Kyle York in a blog post. “It was a sophisticated attack across multiple attack vectors and Internet locations.”

One source of the malicious traffic was a network of devices such as webcams and set-top video recorders controlled by Mirai, a botnet command tool whose source code was recently released to the public, according to York.

“We observed tens of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack,” he wrote, saying the findings were confirmed by analysis from security firm Flashpoint and hosting provider Akamai.

The attack didn’t affect areas outside the east coast of the US, meaning users on the west coast, for instance, were able to access Dyn customers normally.

Growing scale

A second wave of attack traffic appeared just before noon ET, and while it wasn’t limited to the east-coast area it was mitigated more quickly, in just over an hour. This attack resulted in extended latency delays for users, York said.

He confirmed that a third attack was carried out, but was fended off without affecting customers.

IT security experts said the scale of such attacks has grown appreciably in recent months, in part due to new botnets such as Mirai that control of millions of unprotected Internet-connected devices.

The changes mean the companies charged with mitigating such bursts of traffic must take new measures to be able to handle upcoming attacks, experts said.

“With the significant increase in attack sizes over the past 18 months, which now often surpassing bursts of half a terabit per second, many infrastructure and SaaS providers are looking to beef up their overall capacity and DDoS mitigation measures,” stated Marc Gaffan, vice president at IT security firm Imperva for its Incapsula products.

Incapsula was one of the first to detect large-scale attacks launched from networks of connected gadgets, last year reporting on a malicious network made up of webcams.

Over the weekend Chinese electronics firm Hangzhou Xiongmai issued a recall in the US for the webcams identified as playing a role in the attack on Dyn, but research firm IDC anticipates there will be more than 28 billion IoT devices installed over the next four years.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Meta Shows Sound-Capable AI Video Generation Tool

Facebook parent Meta shows AI video generation tool Movie Gen that can create 16-second clips…

13 hours ago

US Think Tank Probes NASA Staff Over Trump, Musk Criticism

Conservative think tank requests NASA employee communications discussing Donald Trump, Elon Musk as it compiles…

14 hours ago

EU States Approve China EV Tariffs In Split Vote

EU member states approve hefty tariffs on China-made EVs in spite of opposition from Hungary…

14 hours ago

Google Threatens New Zealand News Ban Over Law

Google says it would stop linking to news in New Zealand if country passes law…

14 hours ago

The Age of Virtual Assistants

Discover how virtual assistants, powered by AI and innovative technology, are transforming industries and personal…

15 hours ago

Google Brings Ads To AI Search Summaries

Google begins broad roll-out of ads for AI Overviews in search results, adds AI-organised results,…

15 hours ago