Hackers Shut Down Internet, Aided By Our Dumb Phones
DDoS attack shuts down major websites—and these crippling events could become more frequent.
Hackers won some game only they know about today, shutting down what many journalists are calling “half the internet” across America and Europe. If you noticed websites opening slowly—or in many cases, not at all—it could be because of two hacking attacks.
Hackers targeted Dyn (pronounced “dine”), a DNS provider. Dyn maintains a directory of webpage names and helps users find its clients’ websites. It has a pretty big client list, too. Twitter, reddit, Etsy, CNN, Soundcloud, Spotify and many others were unavailable, intermittently available or just hard to access.
The attacks were distributed denial of service (DDoS) attacks. Hackers flooded Dyn’s servers with “garbage data,” slowing or shutting them down. If the server that manages requests for a particular website is down, you will have a hard time accessing that website. Or, as Dyn put it, “Some customers may experience increased DNS query latency and delayed zone propagation during this time.”
That meant you couldn’t access Yelp to get even with the barista who scalded your almond milk.
The attacks came in two waves. Dyn monitored the first at 7:10am EST and confirmed it at 8:45am, saying, “This attack is mainly impacting US East and is impacting Managed DNS customers in this region.”
Dyn sounded the all-clear around 9:30am. But then a second attack began at 12:28pm. This one seemed to target the US West Coast and Europe, though it was unclear if the two attacks were related. As of 2:23pm, Dyn’s servers still had “issues.”
Here’s a map showing outages in orange, captured from Level3’s downdetector around 1:55pm EST. (Level3’s map was pretty slow to load, come to think of it.)
Here’s an earlier map, from 9:00am EST.
So the blockage seems to be loosening, though at time of writing, I couldn’t reach Slack, Twitter or the London-based Guardian newspaper, and a lot of other sites were super slow. Facebook’s name-tagging thingy for posts wasn’t working, either. “We’re all in this together,” offered a jacked-up looking Slack.
Seriously, though, this is pretty serious:
“In 2011, hacker collective Anonymous rose to fame with DDoS attacks that pale in comparison to today’s attack on Dyn. Instead of taking out an individual website for short periods of time, hackers were able to take down a major piece of the internet backbone for an entire morning—not once but twice. That’s huge.”
—William Turton, Gizmodo
Security experts say the attacks probably took advantage of security vulnerabilities allowed by all our dumb online devices, and that we should get used to this—because it’s going to happen more and more often.
“The size of these DDoS attacks has increased so much lately thanks largely to the broad availability of tools for compromising and leveraging the collective firepower of so-called Internet of Things devices—poorly secured Internet-based security cameras, digital video recorders (DVRs) and Internet routers.”
—Brian Krebs, Krebs on Security
“Use a password manager if you don’t already,” advises Trey Menefee, a social scientist in Hong Kong. “Use 2-factor authentication for everything. There’s nothing we can do about DDoS attacks, except don’t let your own laptop or phone be part of it. Lock your shit down. We’re being attacked by tens of millions of cheap web cams, phones with porn apps installed, and people with babe123 passwords.”
Switching off my webcam and changing my password, I noticed I can still reach Trello and Medium, so I can still work today. Funny, that.