Cyberattack on Manchester-based Dyn takes down Twitter, SpotifyFrom Staff and Wire Reports
October 21. 2016 1:09PM
MANCHESTER — Multiple cyberattacks on internet performance company Dyn wreaked online havoc Friday, knocking out user access to sites including Twitter, Netflix and Amazon for extended periods of time.
The attacks started around 7 a.m. and continued as Dyn — one of New Hampshire’s fastest growing companies and a high-profile player in global internet infrastructure — worked to resolve the repeated disruptions and prevent further penetrations. By going after Dyn, the unknown hackers delivered a wide-reaching blow to its customers and on down the line.
The attacks are credited with taking down a variety of sites, but some users found the sites accessible in Europe or via mobile phones.
Those Dyn customers rely on the Manchester-based company as their DNS provider, the company hosting their domain name.
The U.S. Department of Homeland Security is investigating ‘all potential causes’ of the Dyn attack, according to a spokesman.
Scott Hilton, the executive vice president of products at Dyn, said in a statement Friday that it experienced a distributed denial-of-service, or DDoS, attack against Dyn infrastructure that compromised the performance of their customers’ websites.
The attack was detected about 7:10 a.m., according to Dyn, and the DDoS attack is resulting in slowdowns for people trying to access the websites of clients affected.
Dyn said attacks were coming from tens of millions of Internet-connected devices — such as web cams, printers and thermostats — infected with malicious software that turns them into “bots” that can be used in massive distributed denial-of-service attacks.
“The complexity of the attacks is what’s making it very challenging for us,” said Dyn’s chief strategy officer, Kyle York.
Dyn said it had resolved one morning attack, which disrupted operations for about two hours, but disclosed a second a few hours later that was causing further disruptions.
Dyn said late on Friday that it was fighting the third major wave of attacks, which were being launched from locations spread across the globe, making them harder to fight.
A distributed denial-of-service attack involves many computers flooding the bandwidth and resources of a targeted computer system. When that system is overloaded, new connections are delayed or impossible.
It is the latest in an increasingly menacing string of denial-of-service attacks disrupting internet sites by overwhelming servers with web traffic. The U.S. Department of Homeland Security warned on Oct. 14 that hackers were infecting routers, printers, smart TVs and other connected devices to build powerful armies of “bots” that can shut down websites.
Dyn is a provider of services for managing domain name servers (DNS), which act as switchboards connecting internet traffic. Requests to access sites are transmitted through DNS servers that direct them to computers that host websites.
“They help route the traffic on the internet,” said Alec Newcomb, CEO of Portsmouth-based digital marketing firm Indri. “They’re attacking like the zipcode system of the internet. If you can’t look up the zipcode, you can’t send the mail.”
Newcomb said attacks like Friday’s disrupt internet sites by overwhelming servers with web traffic, resulting in a ripple effect that is both costly to businesses and frustrating for consumers.
While consumers can access websites typically with a simple address such as the company name followed by a “.com,” the actual internet address is a complicated series of coded numbers. Dyn basically holds the codes that connect the user to the desired site.
“To the average consumer all of this stuff is pretty opaque. Unless you’re pretty technical, all you see is ‘Hey, the services I normally count on to run my business are not working today,’” Newcomb said. “By going after Dyn and similar points like that, they’re trying to assert themselves and block your ability to see things.” Newcomb said some of his own customers called earlier Friday, frantic that the prolonged confusion was going to lead to drastic losses in sales. They weren’t alone.
The attack on Dyn extended to the likes of Twitter, Amazon and PayPal, to name a few. While much of the disruption was concentrated to the East Coast, reports of internet troubles Friday came from coast-to-coast.
“If all of the pipes are flooded with a whole bunch of garbage, it impacts everybody,” Newcomb said.
One of the calls to Newcomb came from Rich Williams, co-founder of a Brooklyn-based independent retailer called Modko. The company sells products for cats, starting with a specialty litter box designed to make life a little easier and more pleasant for cat owners.
Williams said Modko just launched a holiday special two days before and had been marketing it in advance for weeks. Williams arrived at work Friday hoping to leave with big sales, but the sales grew smaller every hour consumers couldn’t get through to modko.com.
“We lost a pretty good amount,” Williams said. “Not fun to drive people to a website that’s not working properly.”
Williams said the website was back up around 2:30 p.m. He wasn’t sure how much the downtime cost the company and it could be a while before anyone knows.
Newcomb said internet retailers like Modko lost the hours that their websites were down and untold numbers of customers during that time.
“It’s one of those things where two hours may have shifted peoples’ habits for the day,” he said.
Staff writer Doug Alden contributed to this report.