A massive DDoS attack against a major DNS service likely using a botnet of IoT devices resulted in Internet issues across the eastern United States Friday, making it hard for many users to access their favorite sites.
Phew. That’s a lot of acronyms.
To better understand what’s going on with the Internet today, let’s unpack that sentence. There are four key terms you should know:
DDoS: DDoS stands for “Distributed Denial of Service.” In a DDoS attack, the attacker sends a bunch of bogus Internet traffic to a targeted server or other system, in the hopes of overloading it and knocking it offline. (There are different and more complex kinds of DDoS attacks, but let’s not get too wonky here.)
DNS: The DNS, or Domain Name System, is essentially the phone book of the Internet. Let’s say you type www.time.com into your Internet browser. Our site, like all other sites, actually lives at a numerical address. But it’s much easier to remember “www.time.com” than, say, “188.8.131.52.” When you type a .com into your browser, your browser uses DNS to match that URL with the address of the website you want to visit, bringing you to the right destination. Targeting DNS, then, is a way for a hacker to mess with lots of websites at once, without attacking any single site in particular—think of it as the carpet bombing of cyberattacks.
Botnet: A botnet is a network of computers under the control of a single user—it’s short for “robot network.” Hackers often build botnets by infecting people’s computers with malware, giving the hacker control of that computer, often without the owner’s knowledge. Botnets with enough computers or other devices can be used in massive DDoS attacks—the hacker controlling them just points their traffic at the target, more or less. (Botnet access is often sold and rented on the dark web.)
IoT: Short for the “Internet of Things,” the IoT includes all the new gadgets that suddenly have Internet connections, from connected refrigerators to smart cars. Some security experts have worried that many of these new devices aren’t being properly secured. Indeed, Dyn, the company targeted by Friday’s DDoS attack, believes that a botnet made up of IoT devices is being used in the digital assault. That same botnet was involved in a major DDoS attack last month, considered the largest such incident recorded.
To sum up: A hacker or hackers with access to a bunch of computers and other Internet-connected devices used those computers to send a bunch of bogus traffic to the Internet’s phone book, making it hard or impossible for your Internet browser to locate and deliver your favorite sites.