Massive cyberattack turned ordinary devices into weapons
LONDON — A cyberattack that took down large swaths of the internet around the world on Friday was carried out, in part, by unsuspecting devices connected to the internet.
Security firm Flashpoint said it believes that digital video recorders and webcams in people’s homes were taken over by malware and then, without owners’ knowledge, used to help execute the massive cyberattack.
Hundreds of thousands of devices appear to have have been infected with the malware.
It was a distributed denial-of-service, or DDoS, attack. Using the malware, hackers were able to flood a website with so much traffic that it impaired normal service.
The DDoS attack overwhelmed the servers of New Hampshire-based company Dyn and came in three waves Friday starting around 7 a.m. ET. Dyn says the attack has ended.
Dyn is part of the backbone of the internet. It works as a middleman to make sure that when you type in a URL like twitter.com, you get to the correct site.
As a result, throughout the day Friday many users were unable to connect to popular platforms like Twitter, Netflix, Spotify and the Financial Times in various parts of the U.S. and Europe — mainly the American northeast and the U.K.
Software IT company Dynatrace monitors more than 150 websites, and found that 77 were impacted Friday. The disruption may have lost companies up to $110 million in revenue and sales, according to CEO John van Siclen.
The FBI said Friday that it was “investigating all potential causes of the attack,” and the U.K.’s Home Office said it was looking into the matter.
So far, no one has pointed a finger at a particular group or nation.
“It’s too soon to know,” Doug Madory, a director at Dyn told CNNMoney.
The methods used in Friday’s attack were very similar to the one carried out against the website of cyber researcher Brian Krebs last month, as well as French internet service provider OVH, according to Flashpoint. It’s unknown if the attacks are related.
After the cyberattack against Krebs, the source code used to carry out the strike was released online. Since then other hackers have been using the malware to carry out their own attacks.
While DDoS attacks are nothing new, research shows they’re becoming increasingly sophisticated and frequent.
Friday’s cyber-blitz demonstrated just how vulnerable the internet’s infrastructure is to these type of bombardments.
— CNN’s Jim Sciutto, Sara O’Brien and Julia Horowitz contributed reporting.
By Samuel Burke