Skip to Content

Massive Internet Outage Could Be a Sign of Things to Come

Hackers have shown how they could take down the Internet.
October 21, 2016

On Friday morning, large swaths of the U.S. experienced a major Internet outage—and it was the kind of large-scale takedown of which security expert Bruce Schneier recently foretold.

The outage, which appears to have mainly affected the U.S. and predominantly the East coast, began at around 7:10 a.m. ET on Friday. Among the sites that suffered were Twitter, Reddit, Spotify, the New York Times, and even our own. (Update: A second attack hit Dyn at 11:52 a.m. ET. It is working to resolve the issue.)

It appears to have been caused by a large distributed denial of service (DDoS) attack leveled at the servers of the domain name system (DNS) host Dyn. A DDoS attack typically overwhelms a server with data requests in order to prevent normal users from having their own queries answered. The DNS is a large database that, among other things, converts a simple domain name into a more complex IP address from which data can be retrieved. Taking down a DNS server means that a user’s browser can’t use it to resolve which IP address to fetch the files of a Web page from.

Dyn appears to have responded to the outage quickly, mitigating the attack and restoring the function of its DNS records in around two hours. But during that time many users found it impossible to load some pages and site traffic fell dramatically.

DDoS attacks are nothing new. But Schneier has pointed out that they could soon become increasingly problematic. “Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them,” he explained in a blog post. “These attacks are significantly larger than the ones they're used to seeing. They last longer. They're more sophisticated.”

In fact, Schneier pointed out last month that a new wave of attacks also seems to be more investigative than previous DDoS assaults. Many of the attacks appear to be testing servers rather than taking them offline, by gradually increasing barrages of requests at one part of the server to see what it can withstand, then moving on to another, and another. Schneier warned that “someone is learning how to take down the Internet.”

The Dyn attack was clearly more than a test, and its severity certainly fits with Schneier’s hypothesis that someone, somewhere is trying to learn how to cause widespread disruption. The question of who is behind attacks like this, though, remains unanswered. Criminals are unlikely to be motivated by such attacks, as there’s little to gain from them other than widespread disruption. That lends some weight to Schneier’s suggestion that a large nation state, such as China or Russia, could be developing large-scale DDoS capabilities. Though it’s impossible to say for sure.

The good news is that the DNS is by definition a distributed database: copies of the same information can be found across the Internet. That makes it fairly robust. But as the Dyn incident reveals, it still takes time for DNS hosts to recover from attacks. If hackers were to take down several servers at once, the effect could be even more pronounced—a threat that could yet be realized.

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

This baby with a head camera helped teach an AI how kids learn language

A neural network trained on the experiences of a single young child managed to learn one of the core components of language: how to match words to the objects they represent.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.