A major Internet outage affected many of the world’s biggest online firms on Friday, with websites including Twitter, Netflix, Spotify, Reddit, PayPal and eBay down for long stretches. Other services such as PlayStation Network also appeared to be hit by the outage. Google and Facebook were unaffected.

The widespread disruption was the result of a coordinated assault on some of the underlying infrastructure that powers the Internet. Dyn, one of several companies responsible for hosting the crucial web directory known as the Domain Name System (DNS), suffered a sustained so-called “distributed denial of service” (DDoS) attack, leading many people intermittently to lose access to specific sites or to the Internet entirely.

A DDoS attack means hackers hijack vast numbers of internet-connected devices to swamp a victim’s website with so much junk traffic that it is unable to cope. Dyn, based in New Hampshire, said the attack began shortly after 4:30pm IST. Twitter, Netflix et al were not directly targeted, but the attack on Dyn – which reportedly serves around 30 Fortune 500 companies – affected users’ access to those sites.

The company indicated that the issue had been fixed by 7pm, but that the assault began again a couple of hours later. Just before 2:30pm IST the firm said on its status page that the “advanced service monitoring issue” had been resolved, but that its engineers were “still investigating and mitigating the attacks on our infrastructure.”

It still isn’t clear where the cyber-attack originated. Kyle York, Dyn’s chief strategist, told the New York Times that the hit on its servers was highly sophisticated. “This was not your everyday DDoS attack,” he told the newspaper, whose own website was affected by the incident. “The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,” Mr York warned.

In a recent essay entitled “Someone is Learning How to Take Down the Internet,” web security expert Bruce Schneier wrote that someone had been “extensively testing the core defensive capabilities of the companies that provide critical internet services.” Though no culprit has been identified, Mr Schneier suggested “it feels like a large nation state. China and Russia would be my first guesses.”

The US authorities are thought to be concerned that such attacks could be used in an attempt to somehow disrupt the coming presidential election. The Department of Homeland and Security and FBI were both investigating Friday’s attack, Reuters reported.

 

source: Independent