A Review Of Last Month’s One-day Internet Meltdown

By Luigi Calabrese

The Internet blew up one day during the middle of last month. This time it was big, possibly the largest attack yet. The people who did it, a group calling themselves New World Hackers, say there is more to come. They specifically indicate they did this to “test power”. Here is what happened.

We are all familiar with the workings of the Internet. Most people know it to be a large conglomerate of connected networks, personal computers and servers that store data, websites, games, pictures, etc. We reach machines on the network through a series of ‘phone numbers’ that we call IP addresses. As a user, you don’t see the ‘phone number’ or IP address. Instead, you see a domain name. A topical example right now would be www.dyn.com (the actual company that was the target of the attack). This is a domain (website address): when you type it, it is cross-referenced to the IP address or phone number, and voila! Computer A (you) is now connected to Computer B’s (the DYN server’s) website.

Last month, a smart group of ill-willed individuals launched what is known as a DDoS attack. DDoS stands for “Distributed Denial of Service.” In a DDoS attack, the attacker sends enormous numbers of packets of bogus Internet traffic to a user, website or web server, in the hope of overloading it and knocking it offline.

This attack was clever. Those behind the scheme attacked not just any server but the DNS or “Phone Book” hosts of DYN, one of the big providers of domain name look-up services. Attacking DYN also meant attacking its users, which are some of the largest sites on the web. Sites like Twitter, Spotify and Reddit, and a large number of other websites, were down or slowed down during this heavy attack.

Targeting DNS is a way for a hacker to attack the Internet at the server level, impacting lots of websites at once without attacking any single site in particular. They knew this going in.
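As an added illustration (not part of the original article), this Python sketch shows why one DNS provider going offline hits many sites at once: it audits a constructed map of sites to their nameservers and reports which sites would be down or slowed down. All site and provider names are placeholders, and treating the last two labels of a nameserver hostname as the provider is a simplifying assumption.

```python
# Constructed sample data: site -> authoritative nameserver hostnames.
# Every name here is a placeholder, not a real delegation.
SAMPLE_NS = {
    "shop.example": ["ns1.provider-a.example", "ns2.provider-a.example"],
    "news.example": ["ns1.provider-a.example", "ns3.provider-a.example"],
    "music.example": ["ns1.provider-a.example", "ns1.provider-b.example"],
    "bank.example": ["ns1.provider-c.example", "ns2.provider-d.example"],
}


def provider_of(ns_host):
    """Assumption: the provider is the last two labels of the NS hostname."""
    labels = ns_host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def providers_by_site(ns_map):
    """Map each site to the set of DNS providers it is delegated to."""
    return {site: {provider_of(h) for h in hosts}
            for site, hosts in ns_map.items()}


def single_provider_sites(ns_map):
    """Sites whose nameservers all belong to one provider."""
    by_site = providers_by_site(ns_map)
    return sorted(s for s, provs in by_site.items() if len(provs) == 1)


def blast_radius(ns_map, provider):
    """Classify sites if `provider` stops answering queries.

    'down'     -> the provider was the site's only DNS provider
    'degraded' -> other providers remain, so lookups are slower, not dead
    """
    result = {"down": [], "degraded": []}
    for site, provs in sorted(providers_by_site(ns_map).items()):
        if provider in provs:
            key = "down" if len(provs) == 1 else "degraded"
            result[key].append(site)
    return result


if __name__ == "__main__":
    print("Single-provider sites:", single_provider_sites(SAMPLE_NS))
    print("If provider-a fails:", blast_radius(SAMPLE_NS, "provider-a.example"))
```

Sites that list nameservers from a second provider stay reachable when the first one is overloaded, which is the mitigation this audit is meant to surface.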

Today’s Distributed Denial of Service attacks are growing in size, frequency and complexity. No one is immune to these attacks. For a business, application availability, website up-time and network infrastructure accessibility are all critical for business continuity. Every minute of downtime can result in lost productivity and revenue.

How do you create a DDoS attack?

It is shockingly easy to create a DDoS attack. Sadly, as with everything else, you can actually Google how to attempt to destroy the Internet. One way is to build a small or large network of infected machines, using a virus or malware, that can distribute your attack. Another way is simply to ask people on social media to run a utility.

Once the malware or utility is installed, the originator can control the remote computer’s behavior. This puts an army of packet-murdering assassins at one’s fingertips. They effectively create traffic with the sole purpose of taking a user or website offline.

A DDoS attack does not actually disable your Internet connection; it just makes it harder for you to reach ‘certain’ sites while the attack is going on.

Why do people do this?

Some do it for fun, others for profit and some for harm.

For profit, there are people who actually ‘sell’ DDoS attacks to take a site down or impact the flow of information or news. This is particularly prevalent during elections and related activities, where there are strong views in either direction. Another motive is to influence the flow of information via the media. If you ‘crush’ the media sites, you can effectively control or ‘shut off’ the flow of the very information that people are looking for.

There are other reasons too. There are the old favorites: Business Reasoning, something called Hacktivism, and a fun one called Script Kiddies.

Business reasoning is an easy one to understand. If on-line store A is impacted then on-line store B can potentially benefit.

Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. The individual who performs an act of hacktivism is said to be a hacktivist.

Script Kiddies are people who use existing computer scripts or code to hack into computers. It is generally assumed that script kiddies are juveniles who lack the ability to write sophisticated programs.

Will there be more to come? Threats coming from the New World Hackers indicate the answer is ‘yes’. Time will tell.

Luigi Calabrese is the President of Toronto-based Frontier Networks Inc., a provider of Broadband, Voice, Colocation and Physical Security Services. He is also a member and board member of YPO (Young President’s Organization).