As I’m sure many people are now aware, a significant portion of the Internet is down in the United States as the result of a massive DDoS (Distributed Denial of Service) cyber attack. At the time of writing, it is suspected that this was carried out by an IoT botnet attacking Dyn, a DNS provider, possibly using the “Mirai” source code that was leaked recently. It is currently unknown who is behind the attack, but theories range from Russia, to a domestic attack from our own government for propaganda purposes, to the hacking collective Anonymous.
Unlike previous DDoS attacks, this one targets the DNS infrastructure that powers a significant portion of the Internet, which is why so many websites are affected. It also appears that the primary victims of this attack are mostly API-driven web services, such as Twitter and PayPal.
As someone who works in the cloud software and cyber security industry, it is exceedingly frustrating to witness an attack like this because these kinds of attacks can actually be mitigated and even prevented. The startup I’m working with right now, Stratus5 Cloudware, has technology that potentially could have mitigated this attack and enabled many of these companies to come back online with minimal downtime by leveraging “No DNS” or Dynamic DNS solutions.
There is really no excuse for why such large companies, including infrastructure providers, are relying on a single DNS provider. There is also little excuse for why DNS providers haven’t invested in more secure networks and cloud orchestration technologies that can mitigate DDoS attacks. The future of the Internet and web services depends on reliability and security, and unfortunately right now the cloud is clearly vulnerable.
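The single-provider dependency described above can be audited from each zone's NS records. The following Python is an added example, not code from the original post or from Stratus5: the zone names, nameserver hostnames and the short suffix list are constructed assumptions, and grouping nameservers by registrable domain is a heuristic for identifying the provider.

```python
from collections import defaultdict

# Assumption: tiny stand-in for the Public Suffix List; use the full list in a real audit.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}

# Constructed sample delegations (zone -> NS hostnames); all names are hypothetical.
ZONES = {
    "shop.example": ["ns1.provider-a.example.", "ns2.provider-a.example."],
    "api.example": ["NS1.provider-a.example", "ns1.provider-b.co.uk."],
    "blog.example": ["ns1.provider-b.co.uk", "ns2.provider-b.co.uk"],
    "parked.example": [],
}


def provider_of(nameserver):
    """Approximate the operator of a nameserver by its registrable domain.

    Caveat: one operator serving from several domains is counted as several providers.
    """
    labels = nameserver.rstrip(".").lower().split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def providers_for(nameservers):
    """Group one zone's NS set by provider."""
    groups = defaultdict(list)
    for ns in nameservers:
        groups[provider_of(ns)].append(ns.rstrip(".").lower())
    return dict(groups)


def zones_dark_if_down(zones, failed_provider):
    """Zones left with no reachable nameserver if failed_provider goes offline."""
    dark = []
    for zone, nameservers in zones.items():
        survivors = [p for p in providers_for(nameservers) if p != failed_provider]
        if nameservers and not survivors:
            dark.append(zone)
    return sorted(dark)


def blast_radius(zones):
    """Map each provider to the zones that depend on it alone."""
    providers = {provider_of(ns) for nss in zones.values() for ns in nss}
    return {p: zones_dark_if_down(zones, p) for p in sorted(providers)}


if __name__ == "__main__":
    for provider, dark in blast_radius(ZONES).items():
        print(f"{provider}: {len(dark)} zone(s) go dark -> {dark}")
```

In practice the NS sets would come from live lookups of each zone's delegation; a zone that appears under any provider in the result has no second provider to fall back on.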
We’ll see what happens after today’s attack, because as of this writing many of the world’s most popular websites and web services are still offline.