Panic struck internet users everywhere on Friday after a handful of major sites were knocked offline with a massive wave of distributed denial-of-service (DDoS) attacks on Dyn, a widely-used internet infrastructure company. Twitter, Netflix, Spotify, Reddit, and Amazon were among the sites affected by the assault, and there’s no word yet on who’s responsible for it. However, the unprecedented scope of it had many internet users wondering when the last DDoS attack was, and whether it was anywhere as big as this one.
DDoS attacks are actually quite common — InformationWeek counted over 1,000 of them in the first quarter of 2016 alone. It’s just that usually, they don’t take down seemingly half of the entire internet. The last DDoS attack that came close to approaching the scale of this one happened in late September, when the hosting company OVH was hit with what was probably the largest DDoS attack to date. Around a week before that, the cybersecurity news site Krebs on Security was also hit with an enormous DDoS, and two weeks before that, World of Warcraft players suffered as host Blizzard’s servers were taken down briefly with a DDoS attack.
DDoS attacks target domain name servers (DNS), which are essentially a phone book for website lookup requests. Specifically, a DDoS attack functions by overloading a DNS server with more requests than it can handle, thus making it incapable of fulfilling any of them.
The attacks on OVH and Krebs on Security in September may have been “bigger” than Friday’s DDoS from a data standpoint: OVH’s servers were bombarded with around 1 terabyte of data per second (1tbs) during the assault, which security experts believed was the biggest to date and which could be larger than Friday’s attack. However, Friday’s DDoS was much more consequential to internet users on the whole, given the sheer number of highly-trafficked sites that were affected.
Dyn says it was hit with several waves of attacks on Friday, which they described as “well planned and executed, coming from tens of millions IP addresses at the same time.” Other sites affected by the attack include Vox, SBNation, the BBC, the New York Times and Urban Dictionary, though the access to many of those was restored later in the day.
It’s still unclear who is responsible for the attack, but WikiLeaks’ Julian Assange has a theory: Once Twitter was back online, Assange sent out a tweet begging his “supporters to stop taking down the US Internet.”
However, it’s unclear whether supporters of the Donald Trump-linked hacking site were indeed behind the DDoS. It’s entirely possible that we’ll never know who was responsible for Friday’s assault, as that is the nature of DDoS assaults. In the meantime, at least Twitter is back online.