If you live in the East Coast of the US and tried to access the likes of Twitter, Netflix, Amazon, Reddit, and even Spotify, among other sites earlier this morning, you would most probably have noticed that none of them worked. Zilch. Nada. It was as though someone cut off the supply of your digital drug of choice, and you had no idea how to kick start your work day from there, apart from staring at the Gantt chart on the monitor to figure out how many more days you have left to laze around and appear to look busy before booting out the spirit of procrastination and getting started on your actual work. Perhaps there is redemption in the massive distributed denial of service attack (DDoS) that happened this morning against Internet performance company Dyn that is based in New Hampshire -- productivity at offices would have increased sharply.
The DDoS attacks happened from 7.10am ET, and continued through the day, making it nigh impossible for users to gain access to the above mentioned sites and more. Kyle York, Dyn’s chief strategy officer, did mention over a conference call that was held on Friday afternoon, “It’s a very smart attack. We start to mitigate, they react. It keeps on happening every time. We’re learning though.”
Mirai as the program behind these DDoS attacks, and to make things all the more remarkable, Mirai is easy to use. Even unskilled hackers are able to take advantage of the program in order to take over online devices, followed by using these devices as the launch platform for DDoS attacks. Phishing emails that are opened are the gateway for such malware, which can then infect a computer or home network before spreading everywhere else in rapid fashion if proper network or digital security defenses have not been erected beforehand. Many different devices will not be spared from such infection, ranging from Internet-connected cameras to DVRs, cable set-top boxes, and routers.
Earlier this month, Mirai’s source code first appeared on the ‘dark web’: a site that normally requires a very specific software or authorization in order to gain access, more often than not functioning as a kind of online underground for the hacker community. Certain security experts figured out that it is just a matter of time that hackers will take advantage of the situation: a prophecy that has been fulfilled.
With Mirai overtaking so many devices, Dyn ended up receiving “tens of millions” of messages worldwide, which were sent by Internet-connected devices. Since there are so many attack points, and it is really difficult to pinpoint where to begin defending, such DDoS attacks are notoriously difficult to defend against simply because it is so hard to tell the difference between legitimate traffic and botnet traffic.
The effects were felt all over the US, and it was apparently resolved towards 9.30am, although that was not the case as additional waves arrived. Such attacks are being investigated by the U.S. Department of Homeland Security, where there were fears that such an attack could be nothing more than a trial run -- with the “main event” being the U.S. presidential election that is happening early next month.
The West Coast looks set to bear the brunt of the DDoS attack after the East Coast aftermath, where many websites were unavailable for most users even as of 11am this morning.
Some of Dyn's clients include Box, and they did issue a statement on the situation which reads as follows:
Following the widespread internet Distributed Denial of Service (DDoS) attack on Box's DNS provider, which resulted in degradation of many internet services, we have now restored access to all Box services. Customers are able to access their Box accounts as usual. Note that there has been no impact to the integrity of our service or customer data.
Again, we apologize for any inconveniences this may have caused. If you do encounter any additional issues contact us through our Community Page at https://community.box.com. As always you can monitor the status of Box services at http://box.statuspage.io/.