Cyber warfare against Dyn is now being investigated by Homeland Security (as well it should be). Twitter, SoundCloud, Spotify, Shopify, and other websites have been inaccessible to many users throughout the day.
“We are actively in the third flank of this attack,” Dyn’s chief strategy officer Kyle Owen told reporters around 4:30 p.m. ET today. “It’s a very smart attack. As we mitigate, they react.” - Dyn chief strategy officer Kyle Owen
The fascinating angle of this one is that:
Dyn’s general counsel Dave Allen added that, with the help of other infrastructure companies Akamai and Flashpoint, Dyn has determined that some of the traffic used in the attacks comes from the Mirai botnet, a network of infected Internet of Things devices used in other recent large-scale DDoS attacks." - Techcrunch
Other sites experiencing issues include Amazon, Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Below see the outage map.
“The complexity of the attacks is making it complicated for us. It’s so distributed, coming from tens of millions of source IP addresses around the world. What they’re doing is moving around the world with each attack,” - Kyle Owen
Security researcher Bruce Schneier reported in September that several internet infrastructure companies had been targeted with DDoS attacks, although they had not caused the kind of widespread outages experienced today. Shneier wrote that the attacks seemed designed to test companies’ defensive capabilities:
“These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.”
“Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services,” Schneier added." - Techcrunch
If you wish to see the attacks realtime, you can see them here: http://motherboard.vice.com/blog/a-live-map-of-ongoing-ddos-attacks or here: http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=17095&view=map
Unfortunately, Norsecorp's website and really nice map are down.
Sources:
https://news.ycombinator.com/item?id=12759520
https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/
https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html
http://drjbhl.joeuser.com/article/451447/The_Internet_of_Things_or_You_Have_Mail_from_your_fridge