News

What's Behind The DDoS Attack?

by Morgan Brinlee
JUNG YEON-JE/AFP/Getty Images

It was a temporary moment of panic for many U.S. internet users when multiple websites were unavailable Friday following a distributed denial of service (DDoS) attack on one of the web's largest internet performance management companies. Amazon, Etsy, Netflix, Reddit, Spotify, and Twitter were among a slew of heavily-trafficked websites reporting interruptions or unavailable services due to a DDoS attack on Dyn, Inc. But why is Dyn being targeted in a cyber attack?

As an internet infrastructure company, Dyn provides websites with domain name servers (DNS), which translate URLs we know and love, like https://www.bustle.com, into IP addresses computers can read to track down and connect users to the desired content.

So, how exactly does a DDoS attack work? While the cyber attack carried out Friday was likely launched on a more complex scale — using botnets perhaps — the basic principle still applies. In a DDoS attack, an attacker overwhelms a recipient (in this case, Dyn's servers) with requests until the recipient can no longer handle the traffic, resulting in a severe slowdown, or in some cases, a shutdown, of service. It's because Dyn provides this service to so many websites that Friday's cyber attack has seemed like a widespread shutdown of the internet's best pages. Essentially, a DDoS attack on Dyn is like using one stone to hit dozens of birds.

In a statement released Friday, Dyn said it "began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure" at 11:10 UTC. "Some customers may experience increased DNS query latency and delayed zone propagation during this time. ... Our Engineers are continuing to work on mitigating this issue." According to Dyn, the attack initially affected those on the East Coast, though its impact later spread across the United States.

But why Dyn and why now? For the moment, it's still unclear who's behind the three DDoS attacks launched against Dyn, although conspiracy theories abound — is it Russia disrupting business as usual in the United States or is it a move to keep Wikileaks trove of leaked Clinton emails hidden? Furthermore, it's unclear what the attacker's motivation might be, although the Department of Homeland Security told CNBC it was "looking into all potential causes."

Whatever the motivation for Friday's DDoS attacks against Dyn is, that the internet can be quickly destabilized in such a significant way is a serious cause for concern, reminding us all just how vulnerable the web's infrastructure really is.