Hackers have attacked a major internet infrastructure company, causing intermittent disruptions Friday to websites and services, including Twitter, Reddit, Spotify and Airbnb.
The victim of the attack is a New Hampshire-based company called Dyn (pronounced "dine"). It might not be a household name, but Dyn is one of the companies that sit between you and some of the biggest websites and services — and help make sure that when you type in a Web address, your traffic is properly routed.
Dyn has been hit by a massive DDoS, or "distributed denial of service," attack. That's when hackers overwhelm a website with fake traffic to cause breakdowns. The ripples of the attack have spread across the internet, affecting the performance of many sites throughout the day. The attacks began around 7 a.m. ET, and about two hours later, Dyn reported that "all services have been restored to normal." Two and a half hours later, however, Dyn said it was again "monitoring and mitigating" a DDoS attack.
As the Washington Post explains, Dyn is one of just a few companies in its industry:
"The service that Dyn provides is called the Domain Name System, or DNS. It works sort of like a phone book for the Internet — translating URLs into the numerical IP addresses for the servers that actually host sites so your browser can connect to them. ...
"Dyn is one of a handful of major DNS service providers. Friday's attacks highlight how that structure can mean an attack on one company can disrupt huge chunks of the Internet all at once."
The attack on Dyn targeted DNS servers, which as Bloomberg aptly puts it "is like taking away all the road signs on a country's highway system." The White House says the Department of Homeland Security is monitoring the attack.
Brian Krebs, a high-profile computer-security journalist, has suggested the possibility of a link between this attack and another large-scale attack last month that had targeted his own website.
The attack on Dyn comes a day after the company's director of internet analysis, Doug Madory, gave a presentation about DDoS attacks at an industry conference. Krebs says he and Madory had teamed up on research into "the sometimes blurry lines between certain DDoS mitigation firms and the cybercriminals apparently involved in launching some of the largest DDoS attacks the internet has ever seen."