- Public Domain
Cybersecurity expert Bruce Schneier wrote an essay last month warning that someone was “learning how to take down the internet,” and it seems especially prescient after a number of major websites were taken offline Friday amid a major cyberattack.
“Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the internet,” Schneier wrote in a blog post on September 13. “These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down.”
Just over a month later, that “someone” – which Schneier believes is a nation-state – seems to have figured it out.
On Friday, a number of websites were affected by a major distributed denial-of-service attack, including Amazon, Twitter, Etsy, and Github. And interestingly, the attackers did not hit those sites specifically, but instead directed a huge amount of traffic at Dyn, their Domain Name System host.
Instead of hitting a single website, the attackers were able to take down a bunch of websites with the same amount of work. That’s because Dyn acts as a sort of internet phone book for websites, so when you type in businessinsider.com, it directs you to the right IP address.
Dyn is one of a number of companies that power the internet infrastructure. People need DNS servers to get to the right place. And as Schneier argues, an attack on a company like Verisign – which helps register top-level domains like .com and .net – can cause a global blackout on email and traffic to those domains.
“Someone is extensively testing the core defensive capabilities of the companies that provide critical internet services,” he wrote.
It’s important to point out that DDoS attacks like these are not “hacking.” Instead, they are a nuisance to internet companies that can cost them money to mitigate and add servers, while annoying users frustrated they cannot reach websites. The sites will come back online once the attack is over.
“I think that DDoS attacks are the least sophisticated way to use compromised machines,” Matthew Prince, the CEO of CloudFlare, an internet security company, told Business Insider. “It’s kind of the cybersecurity equivalent of a caveman with a club.”
But it’s still pretty troubling that we’re seeing more of these types of attacks. And unfortunately, it’s very likely to keep getting worse.