US internet repeatedly disrupted by cyberattacks

Staff/wire report

A cyberattack against a major domain name system provider disrupted internet service to a number of websites – including smaller ones such as Vindy.com – for large sections of the United States on Friday.

The attack began about 7:10 a.m. and targeted Dyn Inc., a major DNS provider to a number of popular websites and the operator of Dynamic DNS, a DNS service aimed at smaller hosting entities, according to a Dyn Inc’s status logs.

Politico reported Friday that hacktivist groups Anonymous and New World Hackers claimed responsibility for the attacks and suggested they were undertaken in retaliation to the Ecuadorian embassy’s cutting off WikiLeaks founder Julian Assange’s internet access Tuesday.

Responsibility for the attack has not been confirmed, and groups claiming to be Anonymous hackers have falsely claimed responsibility for high-profile cyberattacks in the past.

WikiLeaks issued a statement Friday evening on Twitter saying, “Mr. Assange is still alive, and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point.”

Wesley Stanton, a senior at Youngstown State University and the president of the university’s Information Security and Ethical Hacking Association, said the recovery time for distributed denial of service (DDOS) attacks is dependent upon the time it takes to locate the source of the attack.

“It could be anywhere from a few minutes to days or longer depending on how long it takes to find where the attacks originated,” Stanton said.

Michael Slavens, an application engineer managing cybersecurity at ABB, a Cleveland-based digital technologies company, said DDOS attacks are particularly hard to combat because systems analysts have difficulty determining which traffic is legitimate site traffic and which traffic is part of the attack.

The level of disruption was difficult to gauge, but Dyn provides internet traffic management and optimization services to some of the biggest names on the web, including Twitter, Netflix, Visa and Spotify.

A DNS translates the name of a website, such as “www.netflix.com” into an address that browsers can find. A DDOS attack uses massive amounts of data to overwhelm the servers of its target, disrupting the service.

In a phone interview with the AP, Steve Grobman, chief technology officer at Intel Security, likened the attacks to someone tearing up a map or destroying a GPS before trying to navigate to a department store.

“It doesn’t matter that the store is fully open or operational if you have no idea how to get there,” Grobman said.

The attack was originally believed by security analysts to be a complex DDOS attack and was later attributed to an Internet of Things based botnet attack, according Dale Drew, Level 3 Communications chief security officer.

The Internet of Things refers to the internetworking of internet-enabled physical devices, such as smartphones, smartwatches, security cameras, vehicles and other electronics that are capable of sharing data. In a typical DDOS attack, the systems used to generate the traffic needed to disrupt service are often malware infected computers connected to the internet. The attack that disrupted Dyn Inc, according to Drew, originated from compromised smart devices.