Cyber attacks targeting a little known internet infrastructure company disrupt access to dozens of websites.Hackers unleashed a complex attack on the internet through common devices like webcams and digital recorders and cut access to some of the world's best known websites on Friday (October 21), a stunning breach of global internet stability.
The attacks struck Twitter, Paypal, Spotify and other customers of an infrastructure company in New Hampshire called Dyn, which acts as a switchboard for internet traffic.
The attackers used hundreds of thousands of internet-connected devices that had previously been infected with a malicious code that allowed them to cause outages that began in the Eastern United States and then spread to other parts of the country and Europe.
The U.S. Department of Homeland Security and the Federal Bureau of Investigation said they were investigating.
The disruptions come at a time of unprecedented fears about the cyber threat in the United States, where hackers have breached political organizations and election agencies.
Jay Kaplan of the security company Synack said denial of service attacks shouldn't expose vulnerable data.
"Denial of service attacks certainly don't instill confidence. But at the same time they don't necessarily cause data to be vulnerable. Right? We're talking about Web sites going down. We're talking about data not necessarily being able to be accessed. But at the same time, hackers are not able to get access to that data themselves. We're really just limiting the ability to perform normal functions over the internet," he said.
Friday's outages were intermittent and varied by geography. Users complained they could not reach dozens of internet destinations including Mashable, CNN, the New York Times, the Wall Street Journal, Yelp and some businesses hosted by Amazon.com.
Dyn said attacks were coming from millions of internet addresses, making it one of the largest attacks ever seen. Security experts said it was an especially potent type of distributed denial-of-service attack, or DDoS, in which attackers flood the targets with so much junk traffic that they freeze up.