On 21st October 2016, a cyber-attack on Dyn (Domain Name Service provider) disrupted traffic to hundreds of websites including Twitter, Amazon, the Financial Times, Airbnb, PayPal and Spotify, disabling access for millions of users. Dyn translates addresses that humans can read into IP addresses understood by the internet. The attack came just hours after the company’s researcher Doug Madory presented a talk in Texas on cyber criminals.
How was it done?
It was a distributed denial of service attack (DDoS). A network of computers – a botnet – was used to bombard a website with traffic from millions of hacked IP addresses. Security vulnerabilities of the Inter of Things was exploited for the attack. Devices such as Digital Video Recorders, printers and appliances connected to the internet were some of the sources used to create traffic, according to Dyn.
Who was it?
It is still not clear who could have initiated the attack
What was the motive behind the attack?
There seems to be three possibilities for the attack; Vandalism, Monetary heft and Business competitiveness. Vandalism, because the attack came just hours after the talk on cyber criminals. Monetary theft, because the attack may have been a smoke screen to steal data. Business competitiveness, because hackers are available on hire from the dark web, for initiating DDoS attacks.