The Day the Internet Died

If you happen to live in the Eastern United States, or in and around Toronto, Canada you may have noticed that on Friday, October 21st you could not access some of your favorite websites for the majority of the day.

I was in Toronto. It was my first day “working from home” for a new job, the only requirement was having a good WiFi connection so that I could access my Zendesk account (the website our company–and a host of others–use to accept calls and correspond with our customers via email).

At 9AM I pulled out my laptop and got ready to get to work. To my horror, I could not connect to Zendesk. I double checked my WiFi connection, which was fine, but I kept getting an error message telling me “the DNS server either does not exist or is incorrect”. At a loss, I switched over to Spotify (a popular music streaming website) to play some jazz while I made a coffee and tried to figure out what was going on. No luck, Spotify was not working for me either.

As it turns out, I was experiencing the first of first of several major DDoS (Distributed Denial of Service) attacks on the DNS server belonging to a company called Dyn. There was a second larger attack later that day, around noon, and a third attack around 4PM, Eastern Time. The attack knocked out access to handful of major websites including Netflix, PayPal, Twitter, Spotify, Etsy, Comcast, Verizon and more.

Now to understand what this all means and why it was an important event in the history of the Internet, it might help to understand what a DNS server is. DNS stands for Domain Name System. You can think of a DNS server a bit like a phonebook. When you type in a website’s name like “Facebook” a DNS server translates that name into a series of numbers so that your computer can connect–a bit like looking up my phone number to talk to me.

A DDoS attack involves flooding a DNS server with requests and overwhelming the system. In this case it involved hijacking millions of unsecured internet-connected devices such as printers, webcams and even baby monitors. Of course Dyn has multiple security measures in place, but a DNS server must operate a bit like a hospital–every request that comes in must be admitted to facilitate traffic.

The DDoS attacks on October 21st were unprecedented in their scale and intensity. This was a coordinated and premeditated attack affecting millions of North Americans– and even parts of Europe. Check out our maps of the affected areas. The first map shows a broad view of all affected areas involved in the second attack. The second map zooms in on those affected in North America–the hardest hit are those areas in red. Not only was it inconvenient for your average internet user, it cost companies, such as Amazon and Airbnb, major losses in revenue. A disruption of this magnitude has major ecomwd1d2oydvmuyhdx4ugonomic implications and gestures toward a larger trend.

Awareness of the importance of cyber security is on the rise. Take the presidential debate, in which Clinton and Trump fired shots over who could best defend the nation against foreign cyber attacks. In the fashion world, ever a thermometer of popular sentiments, designers have adopted hacking cyber influences as a major trend. Cyber security is literally in Vogue

The reasons are simple: as technology and the internet become more advanced–and more ingrained in our everyday lives–so too will cyber criminals.

The DDoS attack on Dyn was accomplished, in large part, because a number of individuals are not walking the walk when it comes to shoring up their online security.

 

ddos-hits-websites

So how can you stay protected?

As part of the campaign for National Cyber Security Awareness Month–which started at the beginning of October–the National Cyber Security Alliance suggested these tips:

Own your online presence: Set the privacy and security settings on websites to your comfort level for information sharing. On websites like Facebook you can modify what the public sees by changing your privacy settings. It’s OK to limit how and with whom you share information.

Personal information is like money. Value it. Protect it.: Information about you, such as purchase history or location, has value – just like money. Be thoughtful about who gets that information and how it’s collected by apps and websites.

Keep a clean machine: Keep all software on internet-connected devices –including PCs, smartphones and tablets– up to date to reduce risk of infection from malware.

Staying vigilant about cyber security is a shared responsibility when using the internet. It can help prevent major attacks like the one on October 21st. It also keeps your devices running smoothly and helps to protect your personal information.

6 comments

  1. ABBAsFernando - Reply

    How about developing software (computer programs) to reverse what is being attempted on the computers of attackers?

    • FixMeStick - Reply

      Hi there,

      Online security is definitely an on-going battle– the more viruses are created the more counter measures are created. We’ll look into how we can cover that in future blog posts!

      –The FixMeStick Team

  2. Anonymous - Reply

    Funny you talk about Security issues like , “it’s private/consumers/peoples responsibility”, But what you should have said is;It’s Businesses Responsibility to keep their Systems secure, so we the people can have access to their servers…

    • FixMeStick - Reply

      Hi there,

      You’re right, businesses need to do their part for sure. In this case, DDoS attacks are about overwhelming a business like Dyn with requests from individuals– which is why this is where the focus was for this article. But stay tuned to the blog for more coverage on big business and cyber security!

      –The FixMeStick Team

Leave Comment

Your email address will not be published.