LISTEN LIVE KPR - On Air: Listen Live to classical, jazz and NPR news Schedule LATEST
NEWSCAST
KPR 2 - On Air: Listen live to KPR's all talk-radio service, KPR2 Recordings

Share this page              

What Was Up With The Internet Today? Websites Lagged Or Didn't Load For Many

Dyn is a company that helps route Internet traffic and supports major websites and services.

Updated at 7:30 p.m. ET

Hackers attacked a major Internet infrastructure company Friday, causing intermittent disruptions to websites and services including Twitter, Amazon, Spotify and Airbnb most of the day. It wasn't until shortly after 6 p.m. ET, that the company said that the "incident" had been resolved.

Friday's disruptions were the result of a massive DDoS, or "distributed denial of service," attack. That's when hackers overwhelm a website with fake traffic to cause breakdowns. Except in this case, it wasn't just one website. The victim of the attack is a company called Dyn (pronounced "dine").

Dyn is one of the companies that sit between you and some of the biggest websites and services — and help make sure that when you type in a Web address, your traffic is properly routed. That's why the ripples of the attack on Dyne spread across the Internet and affected the performance of many sites throughout the day.

The full day of attacks began around 7 a.m. ET. Dyn says the attacks came in three waves and rolled around the world: After Dyn cleared its East Coast data centers, the attackers moved their targets across the country and the world.

The most notable element of this attack is its origin. Typically, DDoS attacks are done through a ton of computers that hackers hijack and use to barrage websites. But this time, Dyn officials say it wasn't computers — it was "tens of millions" of Internet-connected things, like CCTV cameras, DVRs and routers.

"We see dozens of attacks over the period of weeks and months. ... We're always seeing DDoS attacks," says Dyn Chief Strategy Officer Kyle York. But the use of Internet-enabled devices results in a whole new scale of an attack.

"It's just so darn distributed," York told reporters. "Literally, picture tens of millions of things attacking a data center. No matter the size and scale of the independent things, tens of millions of anything make up something large. And that's the complexity of this."

As The Washington Post explains, Dyn is one of just a few companies in its industry:

"The service that Dyn provides is called the Domain Name System, or DNS. It works sort of like a phone book for the Internet — translating URLs into the numerical IP addresses for the servers that actually host sites so your browser can connect to them. ...

"Dyn is one of a handful of major DNS service providers. Friday's attacks highlight how that structure can mean an attack on one company can disrupt huge chunks of the Internet all at once."

The attack on Dyn targeted DNS servers, which as Bloomberg aptly puts it "is like taking away all the road signs on a country's highway system." The White House says the Department of Homeland Security is monitoring the attack — and Dyn says it has received support from the entire industry, including not only its own clients, but even competitors.

Dyn General Counsel Dave Allen says some of the devices used in the attack were infected by malicious code known as the Mirai botnet. Here's how computer-security journalist Brian Krebs explains its impact on the universe of Wi-Fi-connected devices, known as the Internet of things, or IoT:

"Mirai scours the Web for so-called IoT devices protected by little more than factory-default usernames and passwords, and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users."

Krebs says Mirai is the same malware strain used in another large attack, on his own site, in September — and the hacker who created it has now published its code on the Internet, "effectively letting anyone build their own attack army using Mirai," Krebs writes.

The attack on Dyn comes a day after the company's director of Internet analysis, Doug Madory, gave a presentation about DDoS attacks at an industry conference. Krebs says he and Madory had teamed up on research into "the sometimes blurry lines between certain DDoS mitigation firms and the cybercriminals apparently involved in launching some of the largest DDoS attacks the Internet has ever seen."

Copyright 2016 NPR. To see more, visit http://www.npr.org/.

Tower Frequencies

91.5 FM KANU Lawrence, Topeka, Kansas City
96.1 FM K241AR Lawrence (KPR2)
89.7 FM KANH Emporia
99.5 FM K258BT Manhattan
97.9 FM K250AY Manhattan (KPR2)
91.3 FM  KANV Junction City, Olsburg
89.9 FM K210CR Atchison
90.3 FM KANQ Chanute

See the Coverage Map for more details

Contact Us

Kansas Public Radio
1120 West 11th Street
Lawrence, KS 66044
Download Map
785-864-4530 (Main Line)
888-577-5268 (Toll Free)
contact@kansaspublicradio.org