Earlier this month, we warned our readers about this emerging threat, the perfect distributed-denial-of-service attack (DDoS) vector by the utilization of so-called "Internet of Things" (IoT) smart appliances. IoT appliances comprise of a plethora of everyday smart gadgets, such as security cameras/ webcams, thermostats, printers, kitchen tools and DVRs, that have been given a Jetson-esque upgrade with networking abilities and web connectivity.
Now, it looks like these kinds of unprecedented attacks using armies of smart appliances are starting to take hold, serving as a grim reminder that the internet is indeed a fragile place.
Last Friday morning, a massive DDoS cyber attack was launched against the internet infrastructure company Dyn. This attack was mainly aimed at Dyn's Domain Name System (DNS) services on the East Coast and it prevented major websites like Twitter, Spotify, Amazon, Netflix, CNN and PayPal from being accessed by millions of users.
A DDoS attack occurs when a targeted website or web server is flooded with an overwhelming amount of requests from millions of internet-connected machines in order to bring it down or prevent legitimate requests to the website from getting through.
The first attack started around 7:10 a.m. EST but the DNS issue was resolved by Dyn about two hours later at 10:22 a.m. EST. All of the affected websites and services appeared to be back to normal at that time. However, a second more globalized DDoS attack was detected at about 1:01 p.m. ET and disrupted Dyn's DNS services again. A third attack was likewise detected later that day. The company mitigated these issues that day and together with the FBI, is currently investigating the attacks.