Hackers launch huge attack on US sites
WASHINGTON: Hackers unleashed a complex attack on the Internet through common devices like webcams and digital recorders, and cut access to some of the world’s best known websites on Friday, a stunning breach of global Internet stability.
The attacks struck Twitter, Paypal, Spotify and other customers of an infrastructure company in New Hampshire called Dyn, which acts as a switchboard for Internet traffic.
The attackers used hundreds of thousands of Internet-connected devices that had previously been infected with a malicious code that allowed them to cause outages that began in the eastern United States, and then spread to other parts of the country and Europe.
“The complexity of the attacks is what’s making it very challenging for us,” said Dyn’s chief strategy officer, Kyle York.
The US Department of Homeland Security and the Federal Bureau of Investigation said they were investigating.
The disruptions came at a time of unprecedented fears about cyber threats in the US, where hackers had breached political organisations and election agencies.
Friday’s outages were intermittent and varied by geography. Users complained they could not reach dozens of Internet destinations, including Mashable, CNN, the New York Times, the Wall Street Journal, Yelp and some businesses hosted by Amazon.com Inc.
Dyn said attacks were coming from millions of Internet addresses, making it one of the largest attacks ever seen. It said at least some of the malicious traffic was coming from connected devices, including webcams and digital video recorders, that had been infected with a control software named Mirai.
Security researchers had previously raised concerns that such connected devices, sometimes referred to as the Internet of Things, lacked security.
The Mirai code was dumped on the Internet about a month ago, and criminal groups were now employing it in cyberattacks, said Allison Nixon, director of security research at Flashpoint, which was helping Dyn analyse the attack.
Dale Drew, chief security officer of communications provider Level 3, said that other networks of compromised machines were also used in Friday’s attack, suggesting that the perpetrator had rented access to several so-called botnets.
The attackers took advantage of traffic-routing services such as those offered by Alphabet Inc’s Google and Cisco Systems Inc’s OpenDNS to make it difficult for Dyn to root out bad traffic without also interfering with legitimate inquiries, Drew said. Reuters