# Internet Attack Today Disrupts Major and Minor Websites



## phrelin (Jan 18, 2007)

I'm surprised no one has posted about this. Here are sample headlines:

*Dyn DDoS attack: Twitter, Reddit, Spotify, GitHub and more knocked offline*
*This Is Probably Why Half the Internet Shut Down Today [Update: It's Getting Worse]*
*When the Entire Internet Seems to Break at Once: The easiest way to take down the web is to attack people's access to it*
*The Possible Vendetta Behind the East Coast Web Slowdown *and
*Waves of cyber attacks hit Netflix, Spotify, Twitter* which offers this map:



> A map showing areas of Internet outages the morning of Friday, October 21, 2016. At the time, a
> distributed denial of service attack on Dyn, an Internet and DNS service provider was underway by
> unknown sources. The map was created by DownDetector, a company that tracks such outages.
> (Photo: DownDetector)


For me it's caused some minor problems as the sites I needed to get to weren't that important. Twitter, for example, has been and still is inaccessible for me since this morning and both it and I are located on the West Coast. But I do have to deal with an order from a company in Florida that I need to change.


----------



## tylorert (Sep 7, 2016)

phrelin said:


> I'm surprised no one has posted about this. Here are sample headlines:
> 
> *Dyn DDoS attack: Twitter, Reddit, Spotify, GitHub and more knocked offline*
> *This Is Probably Why Half the Internet Shut Down Today [Update: It's Getting Worse]*
> ...


Netflix had chinese text and missing cheriters and refused t0 load all the way


----------



## phrelin (Jan 18, 2007)

Update as of 20 minutes ago *West Coast now under web attack as East Coast recovers* and *Third cyber attack underway against internet firm*.

And for those who want to go to a bleak perspective from Gizmodo we have T*oday's Brutal DDoS Attack Is the Beginning of a Bleak Future*.


----------



## Cholly (Mar 22, 2004)

I've been on and off the web since around noon today, and haven't experiencced any problems so far.


----------



## phrelin (Jan 18, 2007)

Right now I can get on to Twitter again, if I want to, which I don't. And I can take care of modifying that order from Chewy.com. So for me, all is well.

But here's the outage map:


----------



## phrelin (Jan 18, 2007)

While there is a lot of paranoid speculation about the Russians, if you read from Bloomberg *The Possible Vendetta Behind the East Coast Web Slowdown* you get this seemingly highly plausible explanation:



> Though routine, DDoS assaults on companies like Dyn are on the rise in volume and power. The latest comes the day after Doug Madory, Dyn's director of Internet Analysis, gave a presentation at an industry conference about research he had done on questionable practices at BackConnect Inc., a firm that offers web services, including helping clients manage DDoS attacks. According to Madory, BackConnect had regularly spoofed internet addresses through a technique known as a "BGP hijack," an aggressive tactic that pushes the bounds of accepted cyber-security industry practices.
> 
> Madory's research was conducted with Brian Krebs, a well-known writer on computer-security issues, who also published an article based on the research last month. Within hours, his website was hit by a "extremely large and unusual" DDoS attack, he wrote.
> 
> The barrage likely originated with a large amount of poorly secured devices like internet-connected cameras, routers, and digital video recorders, according to an analysis of the attack on Krebs's site. These devices, collectively referred to as the "Internet of Things," have been the source of DDoS onslaughts since early 2015, Flashpoint and Level 3 Threat Research Labs said in a report published last month.


The problem is it is indicative of the vulnerability of having so easily adopted 21st Century technology. The article also tells you: "In 2012, a DDoS attack forced offline the websites of Bank of America Corp., JPMorgan Chase & Co., Citigroup Inc., Wells Fargo & Co., US Bancorp and PNC Financial Services Group Inc."

Now some are complaining that the government should be protecting us. Well, kids, the decision was made not to have the government run the internet. While I suppose they could fund hiring the best hackers in the world by putting a 20% excise tax on ISP charges with enthusiastic support of the typical American who thinks everything should be free (that's sarcasm), I don't think that's going to happen.

The fact is that between the vulnerability of the power grid and the internet, any nutcase whether associated with a rogue nation or just this guy...










...no one needs nuclear weapons to shut down the economies of the "first world." We all know that in our collective guts.


----------



## KyL416 (Nov 11, 2005)

tylorert said:


> Netflix had chinese text and missing cheriters and refused t0 load all the way


Don't read too much into that. Those characters are what display by default when some custom web based fonts can't load. If you're on a slower connection many times you see them popup first while the webfonts load.


----------



## Mark Holtz (Mar 23, 2002)

Right now, my home network is configured to use 8.8.8.8 and 8.8.4.4 as the DNS servers, and I have also 208.67.222.222 and 208.67.220.220 on standby. We operate our own DNS servers at work, and were unaffected, however, emails from our mail servers to other company servers were held up as the DNS refused to resolve.

Yesterday's incident shows just how fragile some of the underlying structure of the Internet really is. Some of the stuff that makes the Internet go is based upon protocols that are decades old. (See 9 truths that computer programmers know that most people don't). DNS, for example, dates back to 1984 with BIND, although there have been several revisions since then.


----------



## dpeters11 (May 30, 2007)

Mark Holtz said:


> Yesterday's incident shows just how fragile some of the underlying structure of the Internet really is. Some of the stuff that makes the Internet go is based upon protocols that are decades old. (See 9 truths that computer programmers know that most people don't). DNS, for example, dates back to 1984 with BIND, although there have been several revisions since then.


Vint Cerf has famously said that we need to fully move to the production version of the Internet, IPv6, that v4 and the 32 bit addressing was the experimental version.


----------



## Mark Holtz (Mar 23, 2002)

Dyn Statement on 10/21/2016 DDoS Attack


----------



## Dude111 (Aug 6, 2010)

Sadly I think this is just the beggining!!


----------



## sabrewulf (Sep 4, 2011)

Cyberwar is coming these are just a warning.


----------



## dpeters11 (May 30, 2007)

sabrewulf said:


> Cyberwar is coming these are just a warning.


A hacker group that took credit says it was a dry run of a bigger target. But you don't really know if they really were involved.

But with all the unsecured equipment out there on the net, there is a huge botnet ready and waiting for the next command.


----------



## Dude111 (Aug 6, 2010)

We dont really know who is doing it Mr. Peters!!


----------



## dpeters11 (May 30, 2007)

Dude111 said:


> We dont really know who is doing it Mr. Peters!!


No, we don't. However I'm pretty confident this won't be the last or the largest attack. Even if this hacker group were involved, it could easily be a hired gun. I believe the source code has also been released.


----------



## Mark Holtz (Mar 23, 2002)

To me, it sounds like it went along these lines....

Product functionality? CHECK!
Ease of use? CHECK!
Works with existing networks? CHECK!
Is it secure? That's not important, plus it conflicts with the Ease of Use requirement. SHIP IT!

Does anyone know how easy it is to get a list of default username/passwords for these devices? And, try to convince me that China isn't scanning my furewall.


----------



## dpeters11 (May 30, 2007)

Right, they don't want to need a tech support department, or at least much of one.


----------



## dpeters11 (May 30, 2007)

Flashpoint believes the outage was the work of script kiddies.

https://threatpost.com/dyn-ddos-work-of-script-kiddies-not-politically-motivated-hackers/121537/


----------



## phrelin (Jan 18, 2007)

This is kind of an amusing piece in _The Atlantic_ *The Inevitability of Being Hacked: We built a fake web toaster, and it was compromised in an hour.* It does offer this observation:



> This doesn't mean that every Internet-of-Things device is vulnerable. Most things that you connect to the web through your home WiFi are probably okay: Your router kills most incoming hacking attempts. (Of course, if your router is compromised...)


----------



## dpeters11 (May 30, 2007)

Well, maybe. If the router has UPnP enabled, a device can enable port forwarding through your router.


----------

