Cyber attacks disrupt Twitter, Spotify, other major sites across US

The FBI is also expected to participate in the investigation into the attack, two other US officials said.

By REUTERS
October 21, 2016 22:54
3 minute read.
Cyber hackers [illustrative]

Cyber hackers [illustrative]. (photo credit: REUTERS)

 
X

Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analyses from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user experience almost completely free of ads
  • Access to our Premium Section
  • Content from the award-winning Jerusalem Report and our monthly magazine to learn Hebrew - Ivrit
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later

Hackers unleashed a complex attack on the internet through common devices like webcams and digital recorders and cut access to some of the world's best known websites on Friday, a stunning breach of global internet stability.

The attacks struck Twitter, Paypal, Spotify and other customers of an infrastructure company in New Hampshire called Dyn, which acts as a switchboard for internet traffic.

Be the first to know - Join our Facebook page.


The attackers used hundreds of thousands of internet-connected devices that had previously been infected with a malicious code that allowed them to cause outages that began in the Eastern United States and then spread to other parts of the country and Europe.

"The complexity of the attacks is what's making it very challenging for us," said Dyn's chief strategy officer, Kyle York. The US Department of Homeland Security and the Federal Bureau of Investigation said they were investigating.

The disruptions come at a time of unprecedented fears about the cyber threat in the United States, where hackers have breached political organizations and election agencies.

Friday's outages were intermittent and varied by geography. Users complained they could not reach dozens of internet destinations including Mashable, CNN, the New York Times, the Wall Street Journal, Yelp and some businesses hosted by Amazon.com Inc.

Dyn said attacks were coming from millions of internet addresses, making it one of the largest attacks ever seen. Security experts said it was an especially potent type of distributed denial-of-service attack, or DDoS, in which attackers flood the targets with so much junk traffic that they freeze up.

JPOST VIDEOS THAT MIGHT INTEREST YOU:


VULNERABILITIES EXPLOITED Dyn said that at least some of the malicious traffic was coming from connected devices, including webcams and digital video recorders, that had been infected with control software named Mirai. Security researchers have previously raised concerns that such connected devices, sometimes referred to as the Internet of Things, lack proper security.

The Mirai code was dumped on the internet about a month ago, and criminal groups are now charging to employ it in cyber attacks, said Allison Nixon, director of security research at Flashpoint, which was helping Dyn analyze the attack.

Dale Drew, chief security officer at communications provider Level 3, said that other networks of compromised machines were also used in Friday's attack, suggesting that the perpetrator had rented access to several so-called botnets.

The attackers took advantage of traffic-routing services such as those offered by Alphabet Inc's Google and Cisco Systems Inc's OpenDNS to make it difficult for Dyn to root out bad traffic without also interfering with legitimate inquiries, Drew said.

"Dyn can't simply block the (Internet Protocol) addresses they are seeing, because that would be blocking Google or OpenDNS," said Matthew Prince, CEO of security and content delivery firm CloudFlare. "These are nasty attacks, some of the hardest to protect against." GOVERNMENT WARNED OF ATTACKS Drew and Nixon both said that the makers of connected devices needed to do far more to make sure that the gadgets can be updated after security flaws are discovered.

Big businesses should also have multiple vendors for core services like routing internet traffic, and security experts said those Dyn customers with backup domain name service providers would have stayed reachable.

The Department of Homeland Security last week issued a warning about attacks from the Internet of Things, following the release of the code for Mirai.

Attacking a large domain name service provider like Dyn can create massive disruptions because such firms are responsible for forwarding large volumes of internet traffic.

Dyn said it had resolved one morning attack, which disrupted operations for about two hours, but disclosed a second a few hours later that was causing further disruptions. By Friday evening it was fighting a third.

Amazon's web services division, one of the world's biggest cloud computing companies, reported that the issue temporarily affected users in Western Europe. Twitter and some news sites could not be accessed by some users in London late on Friday evening.

PayPal Holdings Inc said that the outage prevented some customers in "certain regions" from making payments. It apologized for the inconvenience and said that its networks had not been hacked.

A month ago, security guru Bruce Schneier wrote that someone, probably a country, had been testing increasing levels of denial-of-service attacks against unnamed core internet infrastructure providers in what seemed like a test of capability.

Nixon said there was no reason to think a national government was behind Friday's assaults, but attacks carried out on a for-hire basis are famously difficult to attribute.

Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>

Related Content

September 25, 2018
Opening the TLV-Jerusalem rail: From anticipation to political opportunism

By JPOST EDITORIAL