Major websites affected by cyberattack
LONDON: An internet outage affected many of the world’s biggest online firms yesterday, with websites including Twitter, Netflix, Spotify, Reddit, PayPal and eBay down for long stretches.
Other services such as PlayStation Network also appeared to be hit by the outage. Google and Facebook were unaffected.
The widespread disruption was the result of a co-ordinated assault on some of the underlying infrastructure that powers the internet.
Dyn, one of several companies responsible for hosting the crucial web directory known as the Domain Name System (DNS), suffered a sustained “distributed denial of service” (DDoS) attack, leading many people intermittently to lose access to specific sites or to the internet entirely.
A DDoS attack means hackers hijack vast numbers of internet-connected devices to swamp a victim’s website with so much junk traffic that it is unable to cope. Dyn, based in New Hampshire, said the attack began soon after noon. Twitter, Netflix and the others were not directly targeted, but the attack on Dyn – which reportedly serves around 30 Fortune 500 companies – affected users’ access to those sites.
The company indicated that the issue had been fixed by 2.30pm, but that the assault began again a couple of hours later. Just before 7pm the firm said on its status page that the “advanced service monitoring issue” had been resolved, but that its engineers were “still investigating and mitigating the attacks on our infrastructure”.
It still was not clear last night where the cyberattack originated. Kyle York, Dyn’s chief strategist, said the hit on its servers was highly sophisticated.
“This was not your everyday DDoS attack,” he said. “The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise.”
In a recent essay titled Someone is Learning How to Take Down the Internet, web security expert Bruce Schneier wrote that someone had been “extensively testing the core defensive capabilities of the companies that provide critical internet services”. Though no culprit had been identified, Schneier suggested “it feels like a large nation state. China and Russia would be my first guesses”.
Lawrence Orans, a vice-president at research firm Gartner specialising in web security and DDoS attacks, agreed. “An attack of this magnitude can’t be executed by a kid in his bedroom,” he said. “It’s more sophisticated than that. A nation state would be a prime suspect.”
US authorities are thought to be concerned that such attacks could be used to disrupt the presidential election. – The Independent