For a brief, wonderful moment this morning, it seemed like half the internet was down and we could all just go home. The reason? Late last night, a distributed denial-of-service attack — a common attack that floods a server with traffic so it can’t perform — hit the domain name system managed by the popular provider Dyn, disrupting user access to some of the web’s biggest sites, including Twitter, Etsy, GitHub, and Reddit.
According to Dyn:
This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue.
Nothing on the affected sites themselves was compromised, as far as anyone can tell: The attack was directed at the DNS, the servers that take a URL typed by a user — say, www.twitter.com — and translate it into the numerical IP address where Twitter’s servers are located. (One incomplete analogy would be that someone stole an internet phone book and prevented your computer from looking up addresses.) This is not the same thing as taking the sites down directly, and meant that throughout the attack (still ongoing as of publication), the affected sites were intermittently available.
DDoS attacks are popular hacker tactics since they require very little beyond a dedicated network of computers — which could even be seemingly innocuous, internet-connected home devices like DVRs or security cameras, commandeered by hackers. It is not known precisely who executed this particular attack. I’m not saying it was Russia, but [gestures in the direction of Russia].