Waves of cyber attacks hit Netflix, Spotify, Twitter

SAN FRANCISCO — At least two successive waves of online attacks blocked multiple major websites Friday, at times making it impossible for many users on the East Coast to access Twitter, Spotify, Netflix, Amazon, Tumblr and Reddit.

The first attacks appear to have begun around 7:10 am Friday, then resolved towards 9:30 am, but then a fresh wave began.

The cause was a large-scale distributed denial of service attack (DDoS) against Internet performance company Dyn that blocked user access to many popular sites.
Dyn reported the sites going down at around 11:10 a.m. UTC, or roughly 7:10 a.m. ET, posting on its website that it “began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure.”

In an update posted at 8:45 a.m. ET, the company confirmed the attack, noting that “this attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue.”

White House Press Secretary Josh Earnest said the Department of Homeland Security was “monitoring the situation” but that “at this point I don’t have any information about who may be responsible for this malicious activity.”

It was unclear Friday if the attacks are focused on Dyn specifically or companies that it provides services to, said Carl Herberger, vice president of security at security company Radware.

The attack is “consistent with record-setting sized cyberattacks seen in the last few weeks,” he said.

He noted that easy-to-use computer code that allows even amateurs to create to create robot networks, so-called ‘bot nets’, to attack websites was released by hackers earlier this month
Others worried the attack could be from a nation-state rather than simply an individual seeking to wreak havoc.

“This is not a script kiddie,” said Markus Jakobsson, chief scientist at Agari, a computer security firm based in San Mateo, Calif. By that he meant unskilled hackers who use others’ programs, or scripts, to hack into systems because they lack the expertise to write their own software.

“This not just an instant job, this is something that was probably worked on for weeks if not for months by really competent people,” he said.

Amazon, whose web service AWS hosts many of the web’s popular destinations including Netflix, also reported East Coast issues around the same time. In an update posted at 9:36 a.m. ET it said that it had “been resolved and the service is operating normally.”

Amazon noted that it was suffering from a “hostname” issue and it was not immediately clear if it was related to the DDoS attack Dyn received.

Source | usatoday