Record DDoS attack slowed down the Internet

A series of DDoS attacks against Dyn Inc, a large DNS hosting provider serving top online service providers, made many services including Twitter, PayPal, Reddit and Spotify temporarily unavailable, and have slowed down some Internet traffic across the globe. DDoS attacks overloaded the DNS servers with junk requests, thereby disabling the resolution of domain addresses of major clients into their IP addresses, and rendering these services unavailable. The attacks, believed to be based on the recently released “Mirai” malware that creates an Internet of Things (IoT) botnet by exploiting millions of unsecured connected devices such as cameras or printers, achieved a peak of over 1.2Tbps – double the volume of the ‘Mirai’-driven attack against “Krebs on Security” website recorded last week. While global media covers the developments with great interest, and the hacking group Anonymous commented that “someone literally tried to take down the Internet”, there are numerous speculations who might be behind the attack: cyber-criminals testing the new weapons against the most resilient Internet segments such as Dyn DNS hosting; supporters of WikiLeaks; state-sponsored groups testing their cyber-capabilities to put down the Internet; or a hacker group New World Hackers from China and Russia that have allegedly taken the responsibility. One thing is certain: the attacks embody the fears that the mass distribution of the “insecure-by-design” IoT products (including by vendors such as Samsung and Toshiba) enables highly powerful cyber-weapons that can target even the most resilient components of the Internet, and eventually shut down its large segments, if not the Internet itself.