Is your internet down today? You’re not alone. A massive DDOS attack against DNS provider, Dyn, has taken down a number of the world’s largest websites including Reddit, Twitter, Spotify, Netflix, Amazon, PayPal and more.
What is a DNS?
How did this happen? Well in order to understand how this happened, one must first understand how a DNS works. When any device is hooked onto the internet, it gets an IP address which is a number such as 184.108.40.206. This number identifies your computer to the world, but if you’re say Netflix and you want people to find you as netflix.com rather than 220.127.116.11, you need someone to translate netflix.com into the IP address for Netflix’s servers. This is where the DNS comes in.
The DNS, or Domain Name Server, translates domain names such as www.netflix.com, www.amazon.com, or even www.custompcreview.com and into an IP address to point your computer to where it needs to go. While the world has many DNS servers, the problem is that if your ISP happens to be using a downed DNS or the service you’re trying to reach happens to be on a downed DNS, then poof. No internet unless you know the IP addresses of every website you want to reach.
How do you take down a DNS?
One way to take down a DNS as demonstrated today is by a DDOS, or Distributed Denial of Service, attack. By packaging malware in illegal downloads, e-mails, hacking unpatched devices, etc. hackers are able to infect millions of computers, routers, TVs, smartphones, and these days even refrigerators and washing machines. Basically anything with an internet connection. Then they can use all these devices to basically flood the DNS (or any device with an IP address) with so much useless traffic that legitimate traffic isn’t able to communicate.
How can you prevent this from happening?
Well, DDOS attacks are difficult to prevent, but there are ways to mitigate it. Websites and ISPs for example could use multiple DNS providers so if one goes down, another can step in. For most of us however, the most important thing is to update all of our devices and routinely run anti-virus and anti-malware checks. This includes stuff like routers, IP cameras, refrigerators, washing machines and other things you wouldn’t normally think of. By doing this, it reduces the number of infected systems which can be used in these attacks.
What’s the status now?
Dyn has resolved the first huge DDOS attack however, at this time they were still working on mitigating several new attacks as well. While many of the services have gone back online, some are still experiencing some intermittent issues. More information can be found in Dyn’s status page here.