Yesterday, October 21, 2016, more precisely on Friday, there was a massive DDoS attack on Dyn DNS. The DDoS attack that attacked the Managed DNS Network service caused some websites to become inaccessible.
Almost all Internet users in all parts of the world felt the effects of the disruption yesterday. In Indonesia yesterday around 10:00 p.m. to midnight, several websites such as Reddit, Twitter and other international websites could not be accessed properly.
What is DDoS?
Distributed Denial of Service, abbreviated as DDoS, is an attack aimed at making an online service unavailable and inaccessible. The disruption is performed by flooding the target or target with traffic/traffic visits from various sources.
DDoS attacks have various targets, usually banking services, news websites or other important objects on the internet that affect many people, and yesterday DDoS attacks targeted DNS services used by several major websites.
What is Dyn DNS?
Dyn DNS is a paid DNS service provider that promises speed and security when accessing any website or resource.
DNS stands for Domain Name System, which is used to change IP addresses like 220.127.116.11 to www.domain.com. For example, every time you access a domain like ngelag.com, your computer goes through a series of steps to convert ngelag.com to an IP address.
The IP address is on the server, and a server uses a DNS service, so the server IP address is referenced with a .
Dyn DNS is used by multiple servers and websites around the world. So when Dyn DNS service is attacked by DDoS, some websites cannot be accessed properly.
Websites affected by DDoS attacks October 21, 2016
Every website using the Dyn DNS service could not be accessed properly at the time of the attack and here are some websites that were affected by the massive DDoS attack on October 21, 2016.
- The AV Club
- The Boston Globe
- Business Insider
- The Elder Scrolls Online
- Electronic Arts
- The guard
- dig lift
- I listened to the radio
- National Hockey League
- The New York Times
- Playstation network
- Ruby Lane
- Save on computer
- Verizon Communications
- Vox Media
- The Wall Street Journal
Besides the website mentioned above, there are thousands of other websites internationally that cannot be accessed properly.
How much loss is caused by this DDoS attack?
It is difficult to calculate the casualties caused by yesterday’s attack, but in America alone the damage is estimated at $17,000,000,000 (seventeen billion dollars).
The loss is very big because the community and the company that owns the website that cannot be accessed lost their productivity.
What is the benefit of a DDoS attack against Dyn DNS?
Of course you are wondering why DDoS attacks against Dyn DNS work? What is inside? Here are some advantages for hackers when performing DDOS actions:
- Money, the first benefit is of course money, hackers can ransom Dyn DNS or the attacked websites if they want to stop DDoS attacks.
- Existence, big hackers need power, and attacking Dyn DNS is priceless pride because the impact is very large.
- Revenge, such an attack can also be triggered by some resentment towards the institution in question.
- When the attack was launched, it was unintentionally revealed that hackers lost control, so the attack was larger and more destructive than planned.
- On a whim, some hackers perform attacks based solely on trial and error.
Who Performs DDoS Attacks?
There are several answers to the above questions. WikiLeaks published a tweet Berisi: “Mr. Assange is still alive and WikiLeaks is still publishing. We are urging supporters to stop the US internet shutdown. You’ve proved your point. ”
Julian Assange is the founder of WikiLeaks, the above tweet is to inform that Julian Assange is currently doing well and the WikiLeaks website is not affected by the attack. But as Julian Assange knows, he is being targeted for divulging classified information about Hillary Clinton.
China or Russia
Yesterday’s attack had a major impact on the United States, and it’s been about a year or two since China and Russia had a less than harmonious relationship, particularly in the cyber world.
Mirai Bot is a botnet source code for Internet of Things (IoT) devices. Mirai Bot spreads and enters low-security devices. When Mirai Bot invades IoT devices in large numbers, DDoS attacks can be easily performed and it is very difficult to detect where the attack is coming from since all traffic is sent through Mirai Bot infected IoT devices around the world .
NBC News reports that North Korea was behind this attack, NBC News sources are direct from the US Department of Intelligence
Why can Dyn DNS be affected by DDoS attacks?
DDoS attacks are very difficult to prevent, like a hospital that has to admit all patients that come to the emergency room. Just like the Dyn DNS service, it must accept all incoming visitor traffic.
Because of this we couldn’t open some websites from Indonesia last night.