Molly Schuetz and Paul Barbagallo
Problems experienced by Internet users across the Eastern U.S. appear to have eased, with most sites back online after web-hosting services were invaded by hackers.
Dyn Inc., a significant Domain Name Server that facilitates the loading of web pages, said service was restored at 9:20 a.m. New York time after a DDoS, or distributed denial of service, attack that left people without access to Twitter, Spotify, Reddit and The New York Times, among other sites.
Don’t miss your chance to take part in the world’s first global cyber insurance event – live on your desktop Nov 2
Separately, Amazon Web Services said on its “ service health dashboard” site that it has identified the root cause of the Internet issues affecting users along the East Coast, without elaborating further, and is “currently working to resolve.” It wasn’t immediately clear if the web outages were related, or whether Amazon Web Services was also the victim of a hack.
In targeting the internet’s DNS, the attackers exploit the underlying technology that governs how the web functions, making the hack far more powerful and widespread.
The DNS translates website names into the Internet Protocol addresses that computers use to look up and access sites. But it has a design flaw: Sending a routine data request to a DNS server from one computer, the attacker can trick the system into sending a monster file of IP addresses back to the intended target. Multiply that by tens of thousands of computers under the hackers’ control, and the wall of data that flooded back was enormous.
Copyright Bloomberg 2016