Late last week, internet users had a rude awakening when popular websites like Twitter, Spotify, Reddit, and even The New York Times were down. Investigators soon discovered that, while the sites were malfunctioning, hackers had conducted a distributed denial of service (DDoS) attack on the servers of Dyn, which is a major DNS host.
When Dyn was attacked, its team tried to reassure customers that they were fixing the issue, writing, “Some customers may experience increased DNS query latency and delayed zone propagation during this time.” Despite any sites’ attempts to restore calm, there’s no doubt that it’s concerning how easily such major websites fell to this attack. Additionally, it could be argued that few people actually know what DDoS is and how it harmed so many different outlets.
For those who are not very tech savvy and want to know why this happened, Domain Name Servers (DNS) carry out requests to specific websites. When someone types a certain website into a search bar, individual nodes in his or her network begin communicating with other nodes using IP addresses. DNS then translates a URL into an IP address, making sure you arrive at the right site. It’s such a simple process that everyone almost takes it as a guarantee, hence many peoples’ meltdowns when the DDoS attack occurred.
So, how do the capabilities of DNS tie into the DDoS attack? DDoS attacks consist of using compromised computers to strike a system through an overload of server requests. Hackers can begin traffic through infected computers that is so powerful, it can circumvent any blocks put on a single IP address. On Friday, a similar overload happened to disrupt the servers of Dyn, which hosts several social media sites, Paypal, CNN, and HBO Now, among others. Confused users had no way of knowing that their computers had been tampered with, reflecting previous hacker attacks that used private computers infected with software called Botnet to bring down websites.
These kind of attacks are clearly more common than people realize and don’t exactly have an easy solution. Whenever a new kind of protection for services like Dyn comes up, hackers usually find new methods of attack to work around any improvements. For now, the best way to avoid hacker attacks on your go-to Dyn-hosted sites is to subscribe to multiple hosts, which is called DNS redundancy. If a site has several hosts, they have a chance of avoiding mass attacks like this one. There’s also the option of Transport Layer Security (TLS) which encrypts communication between your computer and a web server, making the server prove that it has actually reached the domain you need. People can apply it by typing “https” instead of “http” in a browser.
While several sites and browsers now use TLS by default, it’s not without its flaws, and there’s no solid method of protection from hacks. Although the Dyn breakdown was resolved within an hour, users and security companies should still be on the lookout for ways to prevent future massive attacks.
Source: Gizmodo 1, Gizmodo 2, The Recompiler, TechTarget, Gizmodo 3
Advertisement
Learn more about Electronic Products Magazine
