Global internet outages continue as second wave of hacker attacks cripples web servers

James Titcomb 21 October 2016 • 6:12pm

Wires — The cyber attack took down the Dyn DNS Credit: EPA

Hundreds of popular websites were taken offline for hours on Friday after a critical internet point was hit by multiple cyber attacks.

Hackers brought sites including Twitter, eBay and The Telegraph offline for millions of users after targeting Dyn, a New Hampshire-based company that is responsible for routing internet traffic.

Nobody claimed responsibility but experts said they were simple enough to have been carried out by mischievous teenagers. There was no evidence that any personal data of internet users had been stolen or that individuals’ security had been compromised.

Dyn is one of a handful of “domain name server” (DNS) providers that operate the internet’s address book, ensuring that web addresses such as www.telegraph.co.uk make it to the correct website. If the provider goes offline, then computers do not receive directions to a website, meaning they fail to load pages.

Woah, what's happening with the Internet today? Look at this map from Level3 pic.twitter.com/VC8n7iY73E
— Alex Fitzpatrick (@AlexJamesFitz) October 21, 2016

A first attack on the company shortly after noon sent websites offline for more than two hours, and a second less than three hours later caused a further outage. It affected many of the biggest websites in the UK and the US, including several major news outlets, the music service Spotify and Reddit, the social network.

Dyn said the attackers had used a so-called distributed denial of service attack, in which they remotely take control of thousands of unsecured internet routers and computers and flood the target with traffic.

When an internet server is dealing with an overload, it is unable to respond to most normal queries, making it impossible for internet browsers to connect with websites. Attacks on DNS hosts are typically much more effective than targeting a single website because hundreds of sites rely on them to direct traffic.

“Domain Name Service providers are central to the operation of the Internet,” said Dave Larson, the chief technology officer of Corero, an internet security company. “So denial of service attacks targeted specifically against DNS providers can be especially damaging.”

The attack first took Dyn’s infrastructure offline shortly after midday. While service was restored at around 2.20pm, a second attack struck the company shortly before 5pm.

Denial of service attacks are simple but notoriously difficult to defend against, making them a favourite of internet pranksters. Using easily available software, hackers can scan for vulnerable computer systems and turn thousands of them against a single target.

A sharp increase in poorly secured internet devices, such as “smart” thermostats and televisions, has vastly increased the number of vulnerable systems in recent years, making attacks more effective.

“The relative ease at which [the] attacks are executed suggests that the perpetrators are most likely teenagers looking to cause mischief rather than malicious state-sponsored attackers,” said Robert Page, of Redscan, a security testing company.