The DDoS cyberattack on Dyn took place on October 21, 2016 and was based on multiple denial of service (DoS) attacks on systems operated by domain name provider (DNS) Dyn, which left large Internet platforms and services inaccessible to large number of users in Europe and North America It was a massive attack on the basic infrastructure of the Internet, using millions of IoT devices to run it. The New World Hackers group claimed responsibility for the attack. It is speculated that it was an attack to study, in a malicious way, the level of vulnerability of the most fundamental infrastructure of the Internet.
Dyn DDoS attack features
The attacks were possible due to the large number of unprotected digital devices connected to the Internet, such as home routers and surveillance cameras. The attackers made use of thousands of these devices, which had previously been infected with malicious code to form a botnet. The fact that these devices were used with the default (default) password made their infection possible, which later led to DDoS attacks. Since the default passwords for most devices are practically public knowledge.
According to Dyn, the distributed denial of service (DDoS) attack began at 7:00 a.m. EDT and impacted the infrastructure of millions of users for more than 2 hours, until it was resolved at 9:20 a.m. A second attack was reported at 11:52, when Internet users again reported difficulties in visiting websites, A third attack occurred at 4 in the afternoon.
Many services were impacted by this attack and there are several of the most used and critical for online commerce, online news and even other SaaS services of great importance, among them Airbnb, Amazon.com, Ancestry.com, The A.V. Club, BBC, The Boston Globe, Box, PayPal, Pinterest, Xbox Live, Twitter, and many other online services used in everyday life.
