On October 21, 2016, three consecutive
distributed denial-of-service attacks were launched against the
Domain Name System (DNS) provider
Dyn. The attack caused major Internet platforms and services to be unavailable to large swathes of users in Europe and North America.
The groups
Anonymous
Anonymous may refer to:
* Anonymity, the state of an individual's identity, or personally identifiable information, being publicly unknown
** Anonymous work, a work of art or literature that has an unnamed or unknown creator or author
* Anonym ...
and New World Hackers claimed responsibility for the attack, but scant evidence was provided.
As a DNS provider, Dyn provides to end-users the service of mapping an Internet
domain name—when, for instance, entered into a
web browser—to its corresponding
IP address. The
distributed denial-of-service (DDoS) attack was accomplished through numerous DNS lookup requests from tens of millions of IP addresses.
The activities are believed to have been executed through a
botnet consisting of many
Internet-connected devices—such as
printers,
IP cameras,
residential gateways and
baby monitors—that had been infected with the
Mirai malware.
Affected services
Services affected by the attack included:
*
Airbnb
*
Amazon.com
*
Ancestry.com
Ancestry.com LLC is an American genealogy company based in Lehi, Utah. The largest for-profit genealogy company in the world, it operates a network of genealogical, historical records, and related genetic genealogy websites.
In November 2018, ...
* ''
The A.V. Club''
*
BBC
* ''
The Boston Globe''
*
Box
A box (plural: boxes) is a container used for the storage or transportation of its contents. Most boxes have flat, parallel, rectangular sides. Boxes can be very small (like a matchbox) or very large (like a shipping box for furniture), and can ...
* ''
Business Insider''
*
CNN
*
Comcast
Comcast Corporation (formerly known as American Cable Systems and Comcast Holdings),Before the AT&T merger in 2001, the parent company was Comcast Holdings Corporation. Comcast Holdings Corporation now refers to a subsidiary of Comcast Corpora ...
*
CrunchBase
*
DirecTV
* ''
The Elder Scrolls Online''
*
Electronic Arts
*
Etsy
*
Evergreen ILS
*
FiveThirtyEight
*
Fox News
* ''
The Guardian''
*
GitHub
*
Grubhub
*
HBO
Home Box Office (HBO) is an American premium television network, which is the flagship property of namesake parent subsidiary Home Box Office, Inc., itself a unit owned by Warner Bros. Discovery. The overall Home Box Office business unit is ba ...
*
Heroku
*
HostGator
HostGator is a Houston-based provider of Shared web hosting service, shared, reseller, virtual private server, and Dedicated hosting service, dedicated web hosting with an additional presence in Austin, Texas.
History
HostGator was founded in Oc ...
*
iHeartRadio
iHeartRadio (often shortened to just "iHeart") is an American freemium broadcast, podcast and radio streaming Computing platform, platform owned by iHeartMedia. It was founded in August 2008. , iHeartRadio was functioning as the national umbr ...
*
Imgur
*
Indiegogo
*
Mashable
Mashable is a digital media platform, news website and entertainment company founded by Pete Cashmore in 2005.
History
Mashable was founded by Pete Cashmore while living in Aberdeen, Scotland, in July 2005. Early iterations of the site were a ...
*
National Hockey League
*
Netflix
* ''
The New York Times''
*
Overstock.com
Overstock.com, Inc. is an American internet retailer selling primarily furniture headquartered in Midvale, Utah, near Salt Lake City. Businessman Patrick M. Byrne founded Overstock.com in 1999. The company initially sold exclusively surplus and ...
*
PayPal
*
Pinterest
*
Pixlr
*
PlayStation Network
PlayStation Network (PSN) is a digital media entertainment service provided by Sony Interactive Entertainment. Launched in November 2006, PSN was originally conceived for the PlayStation video game consoles, but soon extended to encompass smartp ...
*
Qualtrics
*
Quora
*
Reddit
*
Roblox
*
Ruby Lane
Ruby Lane is considered one of the biggest vintage online retail stores.
Business profile
Ruby Lane sells antiques, vintage collectibles, vintage fashion, jewelry, dolls, and art for retail sale by independent member dealers. Ruby Lane shops se ...
* ''
RuneScape''
*
SaneBox
SaneBox is an email management software as a service that integrates with IMAP and Exchange Web Services (EWS) email accounts. Its primary function is to filter email messages that it deems unimportant into a folder for later processing.
Histo ...
*
Seamless
* ''
Second Life''
*
Shopify
*
Slack
Slack may refer to:
Places
* Slack, West Yorkshire, a village in Calderdale, England
* The Slack, a village in County Durham, England
* Slack (river), a river in Pas-de-Calais department, France
* Slacks Creek, Queensland, a suburb of Logan City, ...
*
SoundCloud
*
Squarespace
*
Spotify
*
Starbucks
Starbucks Corporation is an American multinational chain of coffeehouses and roastery reserves headquartered in Seattle, Washington. It is the world's largest coffeehouse chain.
As of November 2021, the company had 33,833 stores in 80 c ...
*
Storify
Storify was a social network service that let the user create stories or timelines using social media such as Twitter, Facebook and Instagram. Storify was launched in September 2010, and had been open to the public since April 2011. Storify was ...
*
Swedish Civil Contingencies Agency[Joel Westerholm.]
Så sänktes Twitter och Regeringen.se i attacken
, Sveriges Radio
Sveriges Radio AB (, "Sweden's Radio") is Sweden's national publicly funded radio broadcaster. Sveriges Radio is a public limited company, owned by an independent foundation, previously funded through a licensing fee, the level of which is d ...
, 24 October 2016. Retrieved 30 October 2016.
*
Swedish Government
The Government of the Kingdom of Sweden ( sv, Konungariket Sveriges regering) is the national cabinet of Sweden, and the country's executive authority.
The Government consists of the Prime Ministerappointed and dismissed by the Speaker of the R ...
*
Tumblr
*
Twilio
*
Twitter
*
Verizon Communications
*
Visa
*
Vox Media
*
Walgreens
* ''
The Wall Street Journal''
*
Wikia
* ''
Wired''
*
Wix.com
Wix.com Ltd. ( he, וויקס.קום) is an Israeli software company, publicly listed in the US, that provides cloud-based web development services. It allows users to create HTML5 websites and mobile sites through the use of online drag and dr ...
*
WWE Network
*
Xbox Live
The Xbox network, formerly and still sometimes branded as Xbox Live, is an Internet, online multiplayer video game, multiplayer gaming and digital media delivery service created and operated by Microsoft. It was first made available to the Xbox ...
*
Yammer
Yammer () is an enterprise social networking service that is part of the Microsoft 365 family of products. It is used mainly for private communication within organizations but is also used for networks spanning various organizations. Access to a ...
*
Yelp
*
Zillow
Investigation
The
US Department of Homeland Security started an investigation into the attacks, according to a
White House source.
No group of hackers claimed responsibility during or in the immediate aftermath of the attack. Dyn's chief strategist said in an interview that the assaults on the company's servers were very complex and unlike everyday DDoS attacks.
Barbara Simons
Barbara Bluestein Simons (born January 26, 1941) is an American computer scientist and the former president of the Association for Computing Machinery (ACM). She is a Ph.D. graduate of the University of California, Berkeley and spent her early ca ...
, a member of the advisory board of the United States
Election Assistance Commission
The Election Assistance Commission (EAC) is an independent agency of the United States government created by the Help America Vote Act of 2002 (HAVA). The Commission serves as a national clearinghouse and resource of information regarding electi ...
, said such attacks could affect
electronic voting for overseas military or civilians.
Dyn disclosed that, according to business risk intelligence firm FlashPoint and
Akamai Technologies, the attack was a
botnet coordinated through numerous
Internet of Things
The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other comm ...
-enabled (IoT) devices, including
cameras,
residential gateways, and
baby monitors, that had been infected with
Mirai malware. The attribution of the attack to the Mirai botnet had been previously reported by BackConnect Inc., another security firm. Dyn stated that they were receiving malicious requests from tens of millions of
IP addresses.
Mirai is designed to
brute-force the security on an IoT device, allowing it to be controlled remotely.
Cybersecurity investigator
Brian Krebs noted that the source code for Mirai had been released onto the Internet in an
open-source
Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use the source code, design documents, or content of the product. The open-source model is a decentralized sof ...
manner some weeks prior, which made the investigation of the perpetrator more difficult.
On 25 October 2016, US President Obama stated that the investigators still had no idea who carried out the cyberattack.
On 13 December 2017, the Justice Department announced that three men (Paras Jha, 21, Josiah White, 20, and Dalton Norman, 21) had entered guilty pleas in cybercrime cases relating to the Mirai and clickfraud botnets.
Perpetrators
In correspondence with the website ''
Politico'',
hacktivist groups SpainSquad,
Anonymous
Anonymous may refer to:
* Anonymity, the state of an individual's identity, or personally identifiable information, being publicly unknown
** Anonymous work, a work of art or literature that has an unnamed or unknown creator or author
* Anonym ...
, and New World Hackers claimed responsibility for the attack in retaliation against
Ecuador's rescinding Internet access to
WikiLeaks founder
Julian Assange
Julian Paul Assange ( ; Hawkins; born 3 July 1971) is an Australian editor, publisher, and activist who founded WikiLeaks in 2006. WikiLeaks came to international attention in 2010 when it published a series of leaks provided by U.S. Army inte ...
, at their
embassy in London, where he had been granted
asylum.
This claim has yet to be confirmed.
WikiLeaks alluded to the attack on
Twitter, tweeting "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point."
New World Hackers has claimed responsibility in the past for similar attacks targeting sites like
BBC and
ESPN.com.
On October 26, FlashPoint stated that the attack was most likely done by
script kiddies.
A November 17, 2016, a ''Forbes'' article reported that the attack was likely carried out by "an angry gamer".
A September 20, 2018, a WeLiveSecurity article stated that its three creators meant it as a way of gaining an advantage in fierce competition surrounding the computer game
Minecraft – by preventing players from using competitors’ servers and driving them to their own servers in order to ultimately make money off them.
On December 9, 2020, one of the perpetrators pleaded guilty to taking part in the attack. The perpetrator's name was withheld due to his or her age.
See also
*
WannaCry ransomware attack
*
Mirai (malware)
*
Vulnerability (computing)
References
{{DEFAULTSORT:Dyn cyberattack, October 2016
2016 in computing
Denial-of-service attacks
October 2016 crimes in Europe
October 2016 crimes in the United States
Internet of things
WikiLeaks
Botnets
Malware
Domain Name System
Hacking in the 2010s
Cloud infrastructure attacks and failures
2010s internet outages