Connectivity

Massive Internet Outage Could Be a Sign of Things to Come

Hackers have shown how they could take down the Internet.

On Friday morning, large swaths of the U.S. experienced a major Internet outage—and it was the kind of large-scale takedown of which security expert Bruce Schneier recently foretold.

The outage, which appears to have mainly affected the U.S. and predominantly the East coast, began at around 7:10 a.m. ET on Friday. Among the sites that suffered were Twitter, Reddit, Spotify, the New York Times, and even our own. (Update: A second attack hit Dyn at 11:52 a.m. ET. It is working to resolve the issue.)

It appears to have been caused by a large distributed denial of service (DDoS) attack leveled at the servers of the domain name system (DNS) host Dyn. A DDoS attack typically overwhelms a server with data requests in order to prevent normal users from having their own queries answered. The DNS is a large database that, among other things, converts a simple domain name into a more complex IP address from which data can be retrieved. Taking down a DNS server means that a user’s browser can’t use it to resolve which IP address to fetch the files of a Web page from.

Dyn appears to have responded to the outage quickly, mitigating the attack and restoring the function of its DNS records in around two hours. But during that time many users found it impossible to load some pages and site traffic fell dramatically.

DDoS attacks are nothing new. But Schneier has pointed out that they could soon become increasingly problematic. “Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them,” he explained in a blog post. “These attacks are significantly larger than the ones they're used to seeing. They last longer. They're more sophisticated.”

In fact, Schneier pointed out last month that a new wave of attacks also seems to be more investigative than previous DDoS assaults. Many of the attacks appear to be testing servers rather than taking them offline, by gradually increasing barrages of requests at one part of the server to see what it can withstand, then moving on to another, and another. Schneier warned that “someone is learning how to take down the Internet.”

The Dyn attack was clearly more than a test, and its severity certainly fits with Schneier’s hypothesis that someone, somewhere is trying to learn how to cause widespread disruption. The question of who is behind attacks like this, though, remains unanswered. Criminals are unlikely to be motivated by such attacks, as there’s little to gain from them other than widespread disruption. That lends some weight to Schneier’s suggestion that a large nation state, such as China or Russia, could be developing large-scale DDoS capabilities. Though it’s impossible to say for sure.

The good news is that the DNS is by definition a distributed database: copies of the same information can be found across the Internet. That makes it fairly robust. But as the Dyn incident reveals, it still takes time for DNS hosts to recover from attacks. If hackers were to take down several servers at once, the effect could be even more pronounced—a threat that could yet be realized.

The latest Insider Conversation is live! Listen to the story behind the story.

Subscribe today
Already a Premium subscriber? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.