Skip to Content

Massive Internet Outage Could Be a Sign of Things to Come

Hackers have shown how they could take down the Internet.
October 21, 2016

On Friday morning, large swaths of the U.S. experienced a major Internet outage—and it was the kind of large-scale takedown of which security expert Bruce Schneier recently foretold.

The outage, which appears to have mainly affected the U.S. and predominantly the East coast, began at around 7:10 a.m. ET on Friday. Among the sites that suffered were Twitter, Reddit, Spotify, the New York Times, and even our own. (Update: A second attack hit Dyn at 11:52 a.m. ET. It is working to resolve the issue.)

It appears to have been caused by a large distributed denial of service (DDoS) attack leveled at the servers of the domain name system (DNS) host Dyn. A DDoS attack typically overwhelms a server with data requests in order to prevent normal users from having their own queries answered. The DNS is a large database that, among other things, converts a simple domain name into a more complex IP address from which data can be retrieved. Taking down a DNS server means that a user’s browser can’t use it to resolve which IP address to fetch the files of a Web page from.

Dyn appears to have responded to the outage quickly, mitigating the attack and restoring the function of its DNS records in around two hours. But during that time many users found it impossible to load some pages and site traffic fell dramatically.

DDoS attacks are nothing new. But Schneier has pointed out that they could soon become increasingly problematic. “Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them,” he explained in a blog post. “These attacks are significantly larger than the ones they're used to seeing. They last longer. They're more sophisticated.”

In fact, Schneier pointed out last month that a new wave of attacks also seems to be more investigative than previous DDoS assaults. Many of the attacks appear to be testing servers rather than taking them offline, by gradually increasing barrages of requests at one part of the server to see what it can withstand, then moving on to another, and another. Schneier warned that “someone is learning how to take down the Internet.”

The Dyn attack was clearly more than a test, and its severity certainly fits with Schneier’s hypothesis that someone, somewhere is trying to learn how to cause widespread disruption. The question of who is behind attacks like this, though, remains unanswered. Criminals are unlikely to be motivated by such attacks, as there’s little to gain from them other than widespread disruption. That lends some weight to Schneier’s suggestion that a large nation state, such as China or Russia, could be developing large-scale DDoS capabilities. Though it’s impossible to say for sure.

The good news is that the DNS is by definition a distributed database: copies of the same information can be found across the Internet. That makes it fairly robust. But as the Dyn incident reveals, it still takes time for DNS hosts to recover from attacks. If hackers were to take down several servers at once, the effect could be even more pronounced—a threat that could yet be realized.

Keep Reading

Most Popular

open sourcing language models concept
open sourcing language models concept

Meta has built a massive new language AI—and it’s giving it away for free

Facebook’s parent company is inviting researchers to pore over and pick apart the flaws in its version of GPT-3

transplant surgery
transplant surgery

The gene-edited pig heart given to a dying patient was infected with a pig virus

The first transplant of a genetically-modified pig heart into a human may have ended prematurely because of a well-known—and avoidable—risk.

Muhammad bin Salman funds anti-aging research
Muhammad bin Salman funds anti-aging research

Saudi Arabia plans to spend $1 billion a year discovering treatments to slow aging

The oil kingdom fears that its population is aging at an accelerated rate and hopes to test drugs to reverse the problem. First up might be the diabetes drug metformin.

Yann LeCun
Yann LeCun

Yann LeCun has a bold new vision for the future of AI

One of the godfathers of deep learning pulls together old ideas to sketch out a fresh path for AI, but raises as many questions as he answers.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.