In the early morning hours of Friday, October 21, 2016, many websites on the east coast of the United States simultaneously became inaccessible to users. Popular sites such as Twitter, Amazon, Netflix, PayPal and others appeared to go offline suddenly. This wasn’t a carefully orchestrated attack on each of these service providers, but rather a brute force distributed denial of service (DDoS) assault on a service each website requires to operate.
A DDoS is a type of cyberattack where a hacker, or group of hackers, commands Internet-connected personal devices belonging to millions of unsuspecting individuals to send information requests to a server simultaneously. This involves a few components that we’ll explore individually.
First, think of a server under a DDoS attack as a club on a Saturday night. When traffic flows normally, the club operates as it should and guests enjoy their stay. If a mischievous individual decides to shut down the club, he or she could flood the local community with unlimited free drink coupons good only on a specific day and time. If the entire community shows up at the club and attempts to force their way inside, building occupancy will quickly exceed capacity, forcing the fire marshal to shut down operations.
So how do hackers convince individuals to use their personal devices to access a specific server at a set day and time? They don’t, at least not directly. In several Own Your Defense articles, you’ll read about the dangers of clicking on links or downloading files embedded in electronic messages. Those who don’t take heed of this warning may inadvertently, and unknowingly, give hackers access to their computing devices and personal data. Beyond robbing you of your cash or stealing your identity, cybercriminals can use millions of malware-infected computers to launch a simultaneous DDoS attack, overwhelming a server’s ability to handle the load.
In Friday’s attack, cybercriminals didn’t assault each impacted website. Instead, they chose to attack Dyn, a domain name system (DNS) service provider each site uses. This DNS service links Uniform Resource Locator (URL) names, such as ownyourfedense.net, with their numeric Internet Protocol (IP) addresses, such as 50.63.202.76. When the cybercriminals unleashed their storm, Dyn’s servers were unable to handle the massive, simultaneous load, preventing its systems from making the connection. The URL and IP connection is similar to using a translator at a United Nations meeting. If that translator becomes inoperable during an intense discussion, it would be extremely difficult to communicate with other world leaders speaking multiple foreign languages. Nothing would get done and the meeting would likely end prematurely.
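Site operators can check for the single-provider dependency described above. The following Python code is an added example, not part of the original article: it groups each zone's nameservers by operator and flags zones that rely on one DNS provider. The zone names, nameserver hostnames and the two-label provider heuristic are assumptions made for illustration.

```python
# Added example: audit nameserver (NS) records for single-provider dependency.
# SAMPLE_NS is constructed data, not a real measurement; in practice the lists
# would come from NS lookups for each zone you operate.
SAMPLE_NS = {
    "shop.example": ["ns1.p01.dnsprovider-a.example.", "ns2.p01.dnsprovider-a.example."],
    "news.example": ["ns1.dnsprovider-a.example.", "NS1.dnsprovider-b.example."],
    "blog.example": [],  # lookup returned nothing
}

def provider_of(nameserver, labels=2):
    """Approximate a nameserver's operator by its last `labels` DNS labels.
    Assumption: a fixed label count; a production audit would consult the
    Public Suffix List instead."""
    parts = nameserver.rstrip(".").lower().split(".")
    return ".".join(parts[-labels:])

def audit(ns_records):
    """Return {zone: (status, sorted list of providers)}."""
    report = {}
    for zone, servers in ns_records.items():
        providers = sorted({provider_of(s) for s in servers if s.strip(".")})
        if not providers:
            status = "NO_NS_DATA"
        elif len(providers) == 1:
            status = "SINGLE_PROVIDER"  # one provider outage takes out every nameserver
        else:
            status = "MULTI_PROVIDER"
        report[zone] = (status, providers)
    return report

def zones_affected_by(ns_records, provider):
    """Zones whose nameservers all belong to `provider`, so they lose every
    authoritative nameserver if that provider stops answering."""
    return sorted(
        zone
        for zone, (status, providers) in audit(ns_records).items()
        if status == "SINGLE_PROVIDER" and providers == [provider]
    )

if __name__ == "__main__":
    for zone, (status, providers) in audit(SAMPLE_NS).items():
        print(f"{zone:14} {status:16} {', '.join(providers) or '-'}")
    print("Exposed to an outage at dnsprovider-a.example:",
          zones_affected_by(SAMPLE_NS, "dnsprovider-a.example"))
```

A zone flagged `SINGLE_PROVIDER` is in the position the affected sites were in on October 21: its own servers can be healthy while nobody can look up its address.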
Should you be worried when such an attack occurs? First, know that a hacker does not gain access to your personal data in a DDoS assault. This type of attack disrupts operations, but does not give a criminal access to sensitive information within the target system. You should, however, be worried if your personal Internet device has been corrupted by a cybercriminal for use in the operation. That’s why it’s imperative to avoid clicking on links or downloading files in emails, text messages, social media posts, and other digital messages sent to you.
Your mission: resist the urge to click or download anything sent to you by anyone. It will substantially reduce the chances of your system falling into a criminal’s hands.