Unknown hackers took over more than 100,000 internet-connected devices, many of them simple gad- gets like cable TV boxes and even baby crib monitors, to cripple a major internet service provider on Oct. 21. The attack left countless customers nationwide unable to get to popular services like Twitter, Amazon, Netflix, Spotify and PayPal.
The target of the attack was internet and domain service provider Dyn, a big New Hampshire company. The attack started at around 9 a.m. and mostly affected customers on the East Coast before things spread and caused service outages or slowed access to places across the country. Dyn programmers and others from outside the company regained control 11 hours later.
What worries internet security experts is that the hackers used a fairly simple malware called Mirai to take control of under protectedd simple gadgets that run on Linux—electronics like DVRs, home routers, thermostats and security camera systems. These devices were used to make a robot network (botnet) to flood Dyn with millions of useless messages and requests so that regular users are unable to access their online services.
This type of attack is known as a Distributed Denial of Service (DDoS) attack.
“It’s a very smart attack,” said Dyn Chief Strategy Officer Kyle York in a conference call with re- porters. “We start to mitigate, they react. It keeps happening every time. We’re learning though.”
Since the initial attack, Dyn has fought off two more attempts.