Millions of Americans woke up on Oct. 21 to several major websites down. By the afternoon, the Department of Homeland Security was investigating the matter as an attack on DNS provider Dyn.
The attacks affected many major websites including Twitter, Netflix, Spotify, The New York Times, Reddit, Etsy, AirBnB, and Soundcloud, reports The New York Times.
These and other websites employ Manchester, New Hampshire-based company Dyn to help monitor and reroute Internet traffic for them using the Domain Name System (DNS).
However, just after 7:00 a.m. on Oct. 21, the servers at Dyn became flooded by a DDoS attack (or a Distributed Denial of Service attack) which overloads and shuts down the system.
“This was not your everyday DDos attack,” Kyle York, chief strategist for Dyn, said as the first attack was under way. By Friday afternoon, three waves of attacks hit Dyn. “The nature and source of the attack is still under investigation. We will be updating our users as soon as we learn more.”
Then, at 5:09 p.m. Eastern, Wikileaks tweeted a message about the attacks.
“Mr. Assange is still alive and WikiLeaks is still publishing,” the tweet began. “We ask supporters to stop taking down the US internet. You proved your point.”
The source of the attacks is still unclear.
Julian Assange, Wikileaks’ founder who has been holed up in the Ecuadorean embassy in London since 2012, had been “temporarily” disconnected from the Internet earlier in the week by the Ecuadorean government. The country’s foreign ministry acknowledged the action and suggested that it did so because Assange and Wikileaks were meddling in the US presidential election.
“The government of Ecuador respects the principles of nonintervention in the affairs of other nations, does not meddle in electoral campaigns nor support any candidate in particular,” a statement by the foreign ministry reads, reports The Washington Post.
However, in September, before Assange’s disconnection, Bruce Schneier, a cyber-security expert, wrote a blog stating that an unknown source was “probing” the “defenses” of large companies -- which includes probing their DNS security.
“Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet,” Schneier’s post began. “These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state. China and Russia would be my first guesses.”