The FBI and US Department of Homeland Security are investigating a cyber attack that hit the US Saturday NZT, inhibiting the ability of millions of Americans to access major internet sites and services such as Twitter, SoundCloud, Spotify, iHeartRadio and Netflix.
The attack also fleetingly hit Kiwis, with Twitter unable to load images for New Zealand users for a brief period on Saturday morning as the so-called "internet of things" was hijacked en masse in a new style of internet attack.
A number of pundits, including CNN and Fox News contributor Jim Geraghty, have speculated it could have been a dress-rehearsal for an Election Day attack.
While most voting is manual and in-person, a number of states now allow online voting for Americans offshore on election day, or in the month running up to the November 8 ballot (many states also allow early voting from up to 30 days out; a handy service given the election is always on the first Tuesday in November, a workday. As of today, more than five million have voted). US troops stationed overseas can also vote electronically. And, of course, it would cause election day chaos if the compilation of results was delayed by internet outages.
Saturday's attack was also notable for being a new kind of cyber assault.
On one level it was familiar in that it was a DDoS (distributed denial of service) attack, used to overwhelm a service with connection attempts by automated "bots" so regular users of a site find it hard or impossible to access.
Whoever behind the attack was savvy in that they targeted Dyn, a major domain name system provider. DNS providers are like the switchboard of the internet, and zeroing in on Dyn was a clever way to disrupt access hundreds of sites and services at once, particularly for people in the northeast of the US. But again, that was not unique.
What set this attack apart was that DDoS attacks have historically relied on hijacking thousands of people's desktop and laptop computers, then using them as staging posts for a co-ordinated effort to swamp a website or service provider.
Saturday's effort was one of the first major DDoS attacks to utilise, in part, internet-connected gadgets – that is, anything from a security camera to a home wi-fi router to a smart power meter that has its own IP (internet protocol) address. Security expert Daniel Ayers points out it was not the first, however. "The 630Gbit/s DDos attack on Brian Krebs a few weeks ago exploited IoT [the "internet of things"] and analysis suggests that followKrebshe krebs attack the source code for that botnet was released and has been used in copycat attacks, including Dyn," he tells NBR.
Often lax security around connected gadgets has been a recurring theme for security analysts recently as the "internet of things" proliferated. Now, the general public has had a wake-up call.
On the plus side, the attack also showed, once again, the resilience of the internet's distributed architecture, which means there is no central point for hackers (or malicious governments) to target. Although tens of millions of IP addresses were hijacked in new and complex fashion, the attack was still repelled within hours.
Fingers have been pointed at China and Russia but so far no strong evidence has emerged of what group, or government, was been the attack.
This article is tagged with the following keywords. Find out more about MyNBR Tags
- New Warehouse executive explains his $150k Trump donation
- NBR Rich List family unable to settle dispute over $264k
- Bribery scandal shrouds owner of Scott Tech
- Another multi-million dollar claim casts a shadow over Carter Holt Harvey
- Cooperative Bank posts flat annual earnings as shrinking margins offset lending growth
Most listened to
- Lawyer Adina Thorn discusses her decision to launch a class action against Carter Holt Harvey over its Shadowclad product
- FMA's Rob Everett says confidence in capital markets is increasing
- NBR's Rob Hosking says housing and debt are the two things people haven't grasped about Budget 2017
- FNZC's John Norling on last week's star stocks and this week's outlook
- RedShield founder explains what makes his cyber service so attractive to Fortune 500 companies
- NBR Radio: best of the week ended May 26, with Grant Walker