DDoS Attack Friday 10-21-2016

DDoS Attack FridayDDoS Attack Friday 10-21-2016

The DDoS Attack Friday morning started early around 7am and then again at noon eastern standard time. The attacks have taken down a number of major sites. Twitter and Reddit are among the big players hit hard by the attack. However a number of smaller sites are affected, the full extent is not known at this time.

“Starting at 11:10 UTC [7:10 EDT] on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS [domain name system] infrastructure,” Dyn reported. Dyn said the attack was resolved less than two hours later, by 9:20 EDT. However another attack took place just before noon EST.

DDoS Attack FridaySites taken down by the DDoS attack today:

• Twitter
• SoundCloud
• Spotify
• Netflix
• Reddit
• PayPal
• Shopify + more


The victim, DYN!

The attack on DYN comes just hours after DYN researcher Doug Madory presented a talk on DDoS attacks in Dallas, Texas at a meeting of the North American Network Operators Group (NANOG). DYN is working hard to resolve the issue. However, DYN has a status page that is navigable at this time https://www.dynstatus.com/



The botnet is suspected to be using IoT computers to distribute the botnet.

“The internet of things (IoT) is the internetworking of physical devices, vehicles (also referred to as “connected devices” and “smart devices”), buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data. In 2013 the Global Standards Initiative on Internet of Things (IoT-GSI) defined the IoT as “the infrastructure of the information society.” The IoT allows objects to be sensed and/or controlled remotely across existing network infrastructure, creating opportunities for more direct integration of the physical world into computer-based systems, and resulting in improved efficiency, accuracy and economic benefit. When IoT is augmented with sensors and actuators, the technology becomes an instance of the more general class of cyber-physical systems, which also encompasses technologies such as smart grids, smart homes, intelligent transportation and smart cities. Each thing is uniquely identifiable through its embedded computing system but is able to interoperate within the existing Internet infrastructure. Experts estimate that the IoT will consist of almost 50 billion objects by 2020.” – https://en.wikipedia.org/wiki/Internet_of_things

A botnet is simply a collection of these types of devices or computers working together to perform a task. In this case a DDoS attack on DYN.

October 21st, 2016 by
%d bloggers like this: