On Friday morning, a large-scale hack of an internet domain hosting provider took prominent websites including Netflix, Amazon, Reddit, Twitter, and Vox offline.
Though many of the websites have since been restored, others remain compromised at the time of this article’s publication, the likely result of a second attack waged later in the morning.
As Mashable reported, Dyn, a New Hampshire-based company that hosts domain name systems, announced Friday morning it had been hacked.
“Dyn said at 9:20 a.m. ET that it resolved an attack that began at 7 a.m. ET Friday.
But at 11:52 a.m. ET, the company said an attack had resumed.”
The outlet explained just how central Domain Name Servers are to the basic functioning of the internet:
“Domain name systems (DNS) are essentially the GPS of the internet, taking the text URLs you type into a browser and figuring out where those websites’ data is located on the back end. So when you type mashable.com in a browser, it shows you both the real Mashable and can quickly and easily locate the nearest server that hosts the site’s data.”
In other words, as Gizmodo explained:
“Basically, they act as the Internet’s phone book and facilitate your request to go to a certain webpage and make sure you are taken to the right place.”
Wired noted that in both the 7 am and noon attacks, “traffic to Dyn’s Internet directory servers on the East Coast of the United States was stopped by a flood of malicious requests disrupting the system.”
Gizmodo reported emails from their readers seemed to suggest the second attack affected the West Coast and Europe.
See also: Internet could collapse by 2023, researchers warn
Some outages occurred in Asia but the United States took the brunt of the attack, which has been identified as a DDoS attack — a “distributed denial of service.” As detailed by Wired:
“A DDoS attack overwhelms a DNS server with lookup requests, rendering it incapable of completing any. That’s what makes attacking DNS so effective; rather than targeting individual sites, an attacker can take out the entire Internet for any end user whose DNS requests route through a given server.”
When a server is overwhelmed with malicious requests, as well as by unsuspecting users repeatedly hitting “refresh” on their browser and automatic re-requests, the system becomes even further stressed.
During the first outage, Dyn’s executive vice president, Scott Hilton, attempted to relieve concerns about the takedown. “We have been aggressively mitigating the DDoS attack against our infrastructure,” he said.
For now, it remains unknown where the attack originated. Companies whose websites were hit by the initial attack included Business Insider, CNN, Etsy, the Guardian, I Heart Radio, GrubHub, HBO Now, People, PayPal, Fox News, Urban Dictionary, the Wall Street Journal, Kayak, People, Weather.com, the New York Times, and many others.
Many of these sites have been restored, but sites like the Guardian, Twitter, Soundcloud, and People, for example, remain down at the time of this article’s publication.