News

Did The DDoS Attack Compromise Your Personal Info?

by Morgan Brinlee

It was a rough start to the weekend for those who woke up Friday and found they were unable to start their Netflix binge-watching early thanks to a massive distributed denial of service (DDoS) attack on a little-known internet company. Much like yelling "bomb" in a crowded airport provokes hysteria, news a cyber attack that had made a slew of popular sites unavailable caused more than a few internet users to experience a moment of panic. For anyone wondering how safe their personal information was during the DDoS attack, fear not — or, perhaps just fear a little less — as today's hacking is still cause for alarm.

Service to several heavily-trafficked websites — Twitter, Spotify, Reddit, Etsy, Netflix, and SoundCloud to name only a few — was disrupted Friday following a DDoS attack on Dyn, an internet performance management company tasked with providing DNS services to these sites. DNS, or domain name systems, is a crucial but totally unseen part of the internet's infrastructure easily explained through a "phonebook" metaphor. When you type a URL, like bustle.com, into the address bar of your web browser, your computer needs that URL to be translated into an IP address before it can take you where you want to go. Computers look up and translate URLs to IP addresses using DNS.

Here's the thing about DDoS attacks — they're not geared toward stealing data. DDoS attacks are, as the name implies, looking to pull off a denial of service. By overwhelming a website or network with more information requests than it can handle, they're aiming to make information, at least temporarily, unavailable to internet users. However, a DDoS attack could, and has been, be used as a diversion to distract the victim from a much more malicious data theft attack. At this time, it's still unclear what the motive behind the three DDoS attacks carried out against Dyn was.

While Friday's string of DDoS attacks on Dyn may not have led to a compromise of your personal data, it's still a cause for concern. To flood Dyn with fake traffic, the hacker reportedly enlisted the help of hundreds of thousands of internet-connected devices like CCTV cameras, baby monitors, home routers, or DVRs — all without the owners and users of those devices knowing, according to the New York Times. It's a frightening look at just how easily the so-called Internet of Things can be used against us in cyber attacks and a reminder to keep your personal information secure.