You don’t realize how dependent you are on something until it’s gone. That was the first thought that ran through my head during Friday’s DDoS attack that shut down a majority of the internet.
While the jury is still out, this looks like one of the most impactful DDoS attacks that has ever taken place, because the hackers targeted a key internet infrastructure provider, Dyn. With every hour of downtime potentially costing organizations up to $20,000, the total impact of this attack could reach billions once everything is said and done. While DDoS attacks are not new by any means, what is nerve-wracking about this attack is the sheer scale of the impact. Instead of targeting one organization, the hackers set their sights on something greater: a key piece of internet infrastructure that countless organizations rely upon.
CNN, Reddit, PayPal, HBO Now, Twitter and other websites were affected all at once because the hackers flooded Dyn’s network, effectively rendering its critical service useless for many. The scale of this attack has led people to believe that a botnet army was leveraged to harness the power of multiple infected internet-connected devices (DVRs, printers, tablets, etc.) to take down Dyn. Once these devices were controlled, the hackers focused them on a single target, flooding the unsuspecting organization’s network with requests. Once the network was flooded to the extreme, new requests (such as opening CNN’s homepage) could no longer be executed.
What made this attack novel?
As opposed to previous DDoS attacks, which relied on traditional compute technologies, this attack appears to have been largely carried out using a botnet army of internet-connected devices, e.g. security cameras. This is an entirely new attack vector that has materialized as a direct result of an increasingly hyperconnected world. As more thermostats, baby monitors, refrigerators, BBQ grills, coffee makers and soap dispensers are internet-enabled for convenience, the bad guys are finding ways to exploit them and wreak havoc.
As we continue to connect every aspect of our lives to the internet, Friday is a startling reminder that there is a very real trade-off between convenience and risk. I asked Cloudera’s Director of Cybersecurity Strategy, Sam Heywood, to weigh in on the recent attack. “Friday highlights that the ‘security perimeter’ is now more conceptual than physical and constantly evolving, which means the threat is constantly evolving as well. As the technical community continues to drive innovations that improve home safety, improve medical care, and transform transportation, it’s clear the bad guys will seek to exploit those same innovations for nefarious gains.”
The risk is real and the black hat community is putting the pressure on us all to rise to the occasion. My hope, as one person living in this new world, is that we all come together as one community to prepare ourselves for this new era.