• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

DDoS Attacks Down Dyn – Daily Security Byte

October 24, 2016 By Corey Nachreiner

Early Friday morning, a number of well known sites like Twitter, NetFlix, Amazon, Github and Reddit went down due to a large distributed denial of service (DDoS) attack. This attack continued throughout the day, causing intermittent outages to these popular web destinations. Unlike most DDoS attacks, this one did not directly target the sites in question. Rather, the attackers targeted Dyn, a less known but well used DNS management middleman. By going after DNS, a core component of Internet infrastructure, this DDoS attack affected many more sites than the average attack. Watch the video below to learn more about this attack, and what it may mean for the future of DDoS.

Episode Runtime: 5:34

Direct YouTube Link: https://www.youtube.com/watch?v=f1WKCogmBFI

EPISODE REFERENCES:

  • Why half the Internet shutdown today – Gizmodo
  • Dyn’s status update for the DDoS attack – DynStatus
  • How to use OpenDNS’s open DNS servers (helps during this sort of attack) – OpenDNS
  • Bruce Schneier’s blog post warning someone is learning to take down the Internet – Schneier.com

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Infosec news

Comments

  1. Linas says

    October 31, 2016 at 7:12 am

    So not that the Botnets are attacking DNS providers instead of just so websites
    Do you think they will get involved and they to stop some of these attacks?

    Reply
    • Corey Nachreiner says

      November 17, 2016 at 1:39 pm

      Do you mean DNS providers. If so, I hope so… Really, I think ISPs and big network carriers are ones that need to help too. While it wasn’t the case for this Mirai DDoS attack, many other DDoS attacks still rely on spoofed packets. Spoofed packets are EASY to detect from an ISP, since they know all the ip space they manage. If they see packet leaving their network, spoofing some other IP space, they could block it (there are even some RFC and IETF docs talking about ISP doing this). So I certainly think upstream providers need to get more involved in blocking DDoS attacks.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use