Cybersecurity expert Bruce Schneier wrote an essay last month warning that someone was “learning to take down the Internet,” and it seems especially prescient after a number of major websites were taken offline Friday amid a major cyberattack.
“Over the past year or two, someone has been probing the defences of the companies that run critical pieces of the Internet,” Schneier wrote in a blog post on Sep. 13. “These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down.”
Now just over a month later, that “someone” — which Schneier believes is a nation-state — seems to have figured it out.
On Friday, a number of websites were affected by a major distributed denial-of-service attack, including Amazon, Twitter, Etsy, and Github. And interestingly, the attackers did not hit those sites specifically, but instead, directed a huge amount of traffic at Dyn, their domain name server (DNS) host.
Instead of hitting a single website, the attackers were able to take down a bunch of websites, using the same amount of work. That’s because Dyn acts as the internet phone book for websites, so when you type in businessinsider.com, it directs you to the right IP address.
Dyn is one of a number of companies that power the Internet infrastructure. People need DNS servers to get to the right place. And as Schneier argues, an attack on a company like Verisign — which helps register top-level domains like .com and .net — can cause a global blackout on email and traffic to those domains.
“Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services,” he wrote.
It’s important to point out that DDoS attacks like these are not “hacking.” Instead, they are a nuisance to internet companies that can cost them money to mitigate and add servers, while annoying users frustrated they cannot reach websites. And eventually, the sites will come back online once the attack is over.
“I think that DDoS attacks are the least sophisticated way to use compromised machines,” Matthew Prince, the CEO of CloudFlare, told Business Insider. “It’s kind of the cybersecurity equivalent of a caveman with a club.”
But, it’s still pretty troubling that we’re seeing more of these types of attacks. And unfortunately, it’s very likely to keep getting worse.