The DDoS attack that shut down large swaths of the internet on Friday has shown Americans one serious crack in our cybersecurity infrastructure. Information security is now a matter of national security. With no debates remaining between now and Election Day, Hillary Clinton and Donald Trump will not have to answer to the public about their plans to protect the internet.
Most internet users have never needed to know how cyberattacks work. But when the cyberattack means that you can’t get to your Twitter or your Spotify, well, then it’s personal. The attack also took out Netflix, Amazon, and Reddit. Here’s what you should know:
For starters, DDoS stands for “distributed denial of service.” This means that many users (hence the “distributed” part) couldn’t reach the web sites (that’s the “denial of service” part).
So, you can’t get to your favorite web sites. Does that mean that those sites were attacked? Well, not directly.
This DDoS attack targeted a company called Dyn. Dyn is a large DNS lookup service company, which means it functions like a phone operator for the Internet. You type in a URL, and Dyn looks it up, and connects you to the phone number (in this metaphor, a server) – and in the blink of an eye, you’re on the site you were looking for.
When you look up “RedAlertPolitics.com,” a DNS lookup service like Dyn directs your web browser to our servers.
The attackers figured out a way to hit Dyn with a huge number of fake requests. Dyn doesn’t have a way of knowing that they’re fake, so it started looking them all up. The system was so overwhelmed that when you or I entered the URL of a site managed by Dyn, we got an error message. The attack came in three waves and hit different parts of the country at different times.
DDoS attacks are not generally very sophisticated; however, an attack of this size and scope would have required significant resources and coordination. This could be a state actor, a known hacking group, or a previously unknown entity using this attack as its debut. There is some speculation that this attack was a “dry run” for a larger attack that would cripple a larger portion of the internet. No motive has been publicly identified.
The FBI and the Department of Homeland Security have announced that they are investigating the attack. The LA Times reported that “‘Investigators have come to a preliminary conclusion as to who carried them out, but are not planning to make that public for now,’ [a federal official speaking on condition of anonymity] said.”
An attack like this could do serious harm to the world economy, especially if it were to disrupt the way banking transactions are handled over the internet. The Obama Administration’s response to this will be a crucial part of this president’s national security legacy.