Can you believe sites like Twitter, Spotify, Reddit, CNN, Etsy, The New York Times, Netflix, Github were down?
Domain Name System services, Dyn Inc., took down sites took down sites and stopped millions from accessing world's most popular sites. of
It happened on Friday, October 21, 2016, as hackers hammered East Coast (New York to Los Angeles) DNS servers with unprotected ‘tens of millions' of malware-infected devices connected to the internet so called multiple denial-of-service attacks until they crashed.
A crazy day for Dyn, although they were successful in stopping the hacks and restoration of services.
There is no guarantee that such attack won't happen again.
Previous DDoS Attacks
- In 2012, a DDoS attack forced offline the websites of Bank of America Corp., JPMorgan Chase & Co., Citigroup Inc., Wells Fargo & Co., U.S. Bancorp and PNC Financial Services Group Inc.
- September 2016, French web-hosting company OVH got slammed with multiple attacks at once, the largest of which sent 799 gigabytes of data per second to the site.
- September 2016, Brian Krebs (cyber security expert) website took down by cyber criminals with 620 gigabytes of data per second sent to his website.
- In March 2013, Spamhaus servers flooded with 300bn bits per second (300 gigabytes) of data.
Spamhaus blamed Dutch web-hosting service Cyberbunker for the attack after it placed firm that “offers anonymous hosting of anything except child porn and anything related to terrorism,” on its blacklist.
Role of Unprotected IOT in DDoS
IOT (Internet of Things) are now becoming big headaches after the release of Mirai (malware software) by a hacker.
IOT are small gadgets connected to the Internet like webcams, fridges, watches, routers, mobiles. Hackers attack unprotected IOT and convert them in zombie or botnets. These machines are used to flood web server with data. Hackers take in control hundreds or thousands of such devices and cripple even the most sophisticated web servers.
The web server must be intelligent to sort out the bad traffic from the good, must have a capacity to capacity to absorb the deluge of traffic and reroute it, which takes time and resources.
The cause of such attacks is little or no security in IOT's. Guidelines provided by ‘The Cloud Security Alliance’s Internet of Things Working Group,' must become strict laws.
Role of DNS Servers
DNS translates website name into IP (Internet Protocol) address, which is the address provided to the server, where website resources reside. If DNS server goes down, sites become inaccessible.