On Friday, October 21, major internet companies were reeling. A coordinated online attack on a major piece of internet infrastructure resulted in services like Spotify, Twitter, and SoundCloud being knocked offline for much of the day.
I woke up on Friday, tried to turn on music (Spotify), and thought my internet was having issues - Spotify refused to connect. This was the case for millions of Americans.
So, what happened? A massive DDoS attack is the culprit, and it was directed at a company named Dyn; Dyn is responsible for DNS services.
USA
Okay, that's a lot of jargon - here's a quick breakdown:
- A DDoS attack is the act of overwhelming an internet server, which stores data (like, say, Spotify's song library), with requests. The server tries to protect itself from being overwhelmed, and that can result in outright shutdowns. I'm oversimplifying here, but that's the long and short.
- DNS, or Domain Name Server, service is the act of translating a web address (www.BusinessInsider.com) into an IP address (104.156.81.64). It's a middleman for ease of use on the internet, so you're not typing in IP numerals.
- Dyn is a company that provides DNS services, and it is one of the most popular in the US.
"The purpose of this attack is to overload the service in any way possible and make it stop working or be unreachable. In this case it was not Twitter or Github that got overloaded, those services work totally fine, but a service allowing you to reach them got overloaded," Adam Surak, site reliability engineer at Algolia.com told Business Insider on Friday.
DDoS attacks on the scale of last Friday's attack are hard to pull off, and require a tremendous amount of computing power. This one was pulled off in a new, particularly worrying way: by taking control of common household electronics that are connected to the internet, and using their processing power to do harm.
Down Detector
Unbelievably, one Chinese electronics maker is responsible for a particularly large chunk of these electronics: Hangzhou Xiongmai. On Monday, Hangzhou Xiongmai issued a recall of "all the circuit boards and components made by Hangzhou Xiongmai that go into webcams," according to a report on the BBC.
It's not clear which products this impacts; reps from Hangzhou Xiongmai didn't respond to request for comment as of publishing.
The issue is a simple one: Some of the company's older products (made before September 2015) don't require users to change the default password. As a result, those products are inherently susceptible to being hacked. In the case of the October 21 internet attack, these devices were hacked and hijacked - the processing power was then repurposed for use in this attack.