Tens of millions of infected computers including a network made up of Âinternet of thingsÂ devices bombarded online traffic on Friday, disrupting a large proportion of the internet in a Âhistoric attackÂ.
Many users, especially on the east coast of the US, struggled to reach websites including Twitter, Spotify, Airbnb, and many more popular websites because of an attack on Dyn, a service which translates web addresses for many major companies.
Kyle York, DynÂs chief strategy officer, said the New Hampshire-based company was watching for any further attacks, after two successful and a third attempted attack on Friday. He said it was a Âhistoric attackÂ but the company did not yet know who was responsible.
ÂThe nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations,Â Mr York said in a blog post.
Dyn said that many of the internet protocol addresses flooding their service with requests in the attack, known as a distributed denial of service attack, were associated with the Mirai botnet, a network of internet of things devices that have been taken over by malicious software.
Flashpoint, a cyber security company that assisted Dyn in analysing the locations of the attack, said the Mirai malware targets devices such as digital video recorders, webcams and routers. The source code, or blueprint, for the malware was released online earlier this month.
There are now more than 6.2bn connected internet of things devices in the world, according to data from research firm Gartner, far more than conventional computers. Many have been designed without security in mind, manufactured by companies that do not usually connect their products to the internet, or made without basic measures such as passwords because of the memory or keyboard that might require.
Hackers used this network of vulnerable devices to target a bottleneck in the internet infrastructure. Dyn translates web addresses such as Facebook.com into a series of numbers that the internet can understand. By bombarding it with too much traffic, cyber criminals can disrupt several high profile websites at once.
If hackers can disrupt the internet this easily, it is certain with the rise of IoT devices that this sort of attack is likely to become more frequent in the future.