While most wouldn’t imagine a scenario like a malicious entity taking down the entire Internet anywhere outside of science fiction, somebody managed to get pretty close today. A large-scale attack on one of the major DNS providers of the world, Dyn, left users without access to numerous websites which were covered by the company.
The list of affected sites and services includes Amazon, Twitter, Reddit, Netflix, Github, Spotify, and PayPal. While the sites themselves weren’t directly affected by the attack and continued to operate for its duration, users had no way of accessing them, save for those who could somehow manually obtain the IP address for each corresponding service.
DNS is a critical component of the Internet, as it allows a computer to “translate” a human-readable address, such as “www.google.com”, to its corresponding IP address, which is actually needed to establish a connection.
Like the whole Internet itself, DNS is designed to be fault-tolerant, as it’s not serviced by a single company. Still, major providers like Dyn are typically responsible for a large number of prominent sites, making them an attractive target for an attacker.
Now that the situation has died down, some people have started asking a worrying question – what could this mean? Was someone testing their capabilities to attack the whole Internet? And if it’s actually so seemingly easy to achieve that, why hasn’t it happened before?
The answer, as usual in these situations, lies in false assumptions. DNS attacks are nothing new under the sun, and companies like Dyn have to deal with them on a daily basis. According to experts, this sort of thing actually happens quite frequently, but what was unusual in this case is that the attack actually managed to have an effect.
A common theory among many at the moment is that something went unexpectedly wrong at Dyn, and that their backup systems must have been unavailable at a critical moment. Whether this was also the doing of the attackers or an unrelated incident is not known, and likely won’t be revealed publicly.
Other users are curious where the attack could have originated. This is often hard to pinpoint when it comes to major Internet attacks like this, and there are numerous theories going around pointing the finger at pretty much every major world power and various organizations.
Whoever it was, they must have had some serious resources at their disposal, although that doesn’t exactly narrow down the list. We suspect that there will be a lot of discussion about this over the next few days, and we’re curious to see if any actual answers will float up eventually.
Some suspect that the incident could be linked to the upcoming U.S. Presidential elections, but there are no actual links to that at the moment. It would definitely have some serious implications if it turns out that there is actually a connection, however. It’s also possible that someone was intentionally trying to stir up a conflict.
In any case, the Internet is back up now, and Dyn seem to be on top of the attack at this point. Users who want to prevent being left without access to their favorite sites in the future should look up a list of popular IP addresses and add it to their operating systems, depending on their technical capabilities. This incident made it clear that something like this can always be of use.