Skip to main content
close search
site logo
Dive Brief

Huge DDoS attack involved '10s of millions' of IP addresses, Dyn says

Published Oct. 24, 2016
By
Contributing Editor
By www.elbpresse.de (Own work) [CC BY-SA 4.0 (http://creativecommons.org/licenses/by-sa/4.0)], via Wikimedia Commons

Dive Brief:

  • The Distributed Denial of Service (DDoS) attack that hit DNS provider Dyn Friday was a sophisticated, highly distributed attack involving "10s of millions of IP addresses," the company said in a statement over the weekend. 

  • The attack, which came in three waves, disrupted service for many users trying to reach Twitter, Etsy, Github, Spotify, Reddit, Netflix and SoundCloud, among others, throughout the day on Friday. However, at no point did the company experience a full, system-wide outage. 

  • The Mirai botnet appears to have been one source of the traffic in the DDoS attack, according to analysis from Flashpoint and Akamai.

Dive Insight:

"While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different," said Kyle York, Dyn’s Chief Strategy Officer. The company is now conducting a "thorough root cause and forensic analysis, and will report what we know in a responsible fashion."

It took the Dyn NOC team about two hours to mitigate the first attack and restore service to customers. The second attack was resolved in about an hour, and Dyn successfully defended against the third wave of attack without customer impact. Many companies, however, experienced latency throughout the afternoon. 

DDoS attacks involving botnets appear to be on the rise. Last month, French hosting firm OVH was hit with two concurrent DDoS attacks attributed to botnets made up of 145,607 compromised IoT devices. 

A DDoS attack stemming from compromised IoT devices shows the advanced capabilities malicious actors have when targeting networks. Ensuring the devices remain secure could help stop such large-scale attacks from taking place. But, to prevent insecure devices, companies will have to bake in security measures rather than adding it on later as an afterthought. 

For those organizations using service providers, the attack is also a lesson in redundancy. Companies using more than one service provider have the chance to have few disruptions in the event of cyberattacks. 

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Blackpoint Cyber Launches Global Partner Program and Enablement Platform Emphasizing a Focus o…
From Blackpoint Cyber
October 30, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Cosentino Drives Business Transformation with AI Powered by Celonis Process Intelligence
From Celonis
October 23, 2024
Newgen Recognized in Gartner® Magic Quadrant™ for Enterprise Low-code Application Platforms Fi…
From Newgen Software
October 30, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell