“2016 Dyn cyberattack”的意思、由来-开放百科全书

The 2016 Dyn cyberattack was a series of distributed denial-of-service attacks (DDoS attacks) on October 21, 2016, targeting systems operated by Domain Name System (DNS) provider Dyn. The attack caused major Internet platforms and services to be unavailable to large swathes of users in Europe and North America.^[2]^[3] The groups Anonymous and New World Hackers claimed responsibility for the attack, but scant evidence was provided.^[4]

As a DNS provider, Dyn provides to end-users the service of mapping an Internet domain name—when, for instance, entered into a web browser—to its corresponding IP address. The distributed denial-of-service (DDoS) attack was accomplished through a large number of DNS lookup requests from tens of millions of IP addresses.^[5] The activities are believed to have been executed through a botnet consisting of a large number of Internet-connected devices—such as printers, IP cameras, residential gateways and baby monitors—that had been infected with the Mirai malware.

Timeline and impact

According to Dyn, a distributed denial-of-service (DDoS) attack began at 7:00 a.m. (EDT) and was resolved by 9:20 a.m. A second attack was reported at 11:52 a.m. and Internet users began reporting difficulties accessing websites.^[4]^[7] A third attack began in the afternoon, after 4:00 p.m.^[5]^[6] At 6:11 p.m., Dyn reported that they had resolved the issue.^[7]^[8]

Dyn Chief Strategy Officer and spokesperson Kyle York led the communication response with customers, partners and the market.

Affected services

Investigation

The US Department of Homeland Security started an investigation into the attacks, according to a White House source.^[2]^[31]^[32] No group of hackers claimed responsibility during or in the immediate aftermath of the attack.^[33] Dyn's chief strategist said in an interview that the assaults on the company's servers were very complex and unlike everyday DDoS attacks.^[34] Barbara Simons, a member of the advisory board of the United States Election Assistance Commission, said such attacks could affect electronic voting for overseas military or civilians.^[34]

Dyn disclosed that, according to business risk intelligence firm FlashPoint and Akamai Technologies, the attack was a botnet coordinated through a large number of Internet of Things-enabled (IoT) devices, including cameras, residential gateways, and baby monitors, that had been infected with Mirai malware. The attribution of the attack to the Mirai botnet had been previously reported by BackConnect Inc. another security firm.^[35] Dyn stated that they were receiving malicious requests from tens of millions of IP addresses.^[5]^[36] Mirai is designed to brute-force the security on an IoT device, allowing it to be controlled remotely.

Cybersecurity investigator Brian Krebs noted that the source code for Mirai had been released onto the Internet in an open-source manner some weeks prior, which will make the investigation of the perpetrator more difficult.^[37]

On 25 October 2016, US President Obama stated that the investigators still had no idea who carried out the cyberattack.^[38]

On 13 December 2017, the Justice Department announced that three men (Paras Jha, 21, Josiah White, 20, and Dalton Norman, 21) had entered guilty pleas in cybercrime cases relating to the Mirai and clickfraud botnets.^[39]

Perpetrators

In correspondence with the website Politico, hacktivist groups SpainSquad, Anonymous, and New World Hackers claimed responsibility for the attack in retaliation for Ecuador's rescinding Internet access to WikiLeaks founder Julian Assange, at their embassy in London, where he has been granted asylum.^[40] This claim has yet to be confirmed.^[40] WikiLeaks alluded to the attack on Twitter, tweeting "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point."^[41] New World Hackers has claimed responsibility in the past for similar attacks targeting sites like BBC and ESPN.com.^[42]

On October 26, FlashPoint stated that the attack was most likely done by script kiddies.^[43]

A November 17, 2016 Forbes article reported that the attack was likely carried out by "an angry gamer".^[44]

See also

References

1. ^{{cite web|url=http://downdetector.com/status/level3/map/|title=Level3 outage? Current problems and outages|author=|date=|work=downdetector.com|accessdate=23 October 2016}}
2. ^¹{{Cite web|url=https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/|title=Many sites including Twitter, Shopify and Spotify suffering outage|last=Etherington|first=Darrell|last2=Conger|first2=Kate|website=TechCrunch|access-date=2016-10-21}}
3. ^{{Cite news|url=https://www.bloomberg.com/news/articles/2016-10-21/internet-service-disrupted-in-large-parts-of-eastern-u-s|title=The Possible Vendetta Behind the East Coast Web Slowdown|newspaper=Bloomberg.com|access-date=2016-10-21}}
4. ^{{cite web|url=http://mashable.com/2016/10/21/sites-across-internet-struggle-after-cyberattack/#GhV2k1eYmOqV|title=Sites across the internet suffer outage after cyberattack|website=mashable.com|publisher=Mashable|accessdate=October 21, 2016}}
5. ^¹²{{Cite news|url=https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/|title=What We Know About Friday’s Massive East Coast Internet Outage|last=Newman|first=Lily Hay|newspaper=WIRED|language=en-US|access-date=2016-10-21}}
6. ^¹{{cite news|last1=Lovelace Jr.|first1=Berkeley|title=After cyberassault KOs Amazon, Twitter, Spotify, third attack reported|url=https://www.cnbc.com/2016/10/21/major-websites-across-east-coast-knocked-out-in-apparent-ddos-attack.html|accessdate=21 October 2016|work=CNBC|date=21 October 2016}}
7. ^{{cite web|title=Dyn, Inc. Status - Update Regarding DDoS Event Against Dyn Managed DNS on October 21, 2016|url=https://www.dynstatus.com/incidents/5r9mppc1kb77|website=dynstatus.com|accessdate=21 October 2016}}
8. ^{{cite web|title=Red Stag Fulfillment - Can Hackers Shut Down Your Ecommerce Business?|url=http://redstagfulfillment.com/wordpress/wp-content/uploads/DYN-infographic-01.jpg|website=redstagfulfillment.com|accessdate=21 October 2016}}
9. ^¹²³⁴⁵⁶⁷{{cite web|last1=Heine|first1=Christopher|title=A Major Cyber Attack Is Hurting Twitter, Spotify, Pinterest, Etsy and Other Sites|url=http://www.adweek.com/news/technology/major-cyber-attack-hurting-twitter-spotify-etsy-shopify-and-other-sites-174214|website=AdWeek|accessdate=21 October 2016}}
10. ^{{cite web|last1=Chavez|first1=Danette|title=Here’s why half the internet went down today|url=http://www.avclub.com/article/heres-why-half-internet-went-down-today-244611|website=The A.V. Club|accessdate=21 October 2016|date=21 October 2016}}
11. ^¹²³⁴⁵⁶⁷⁸⁹¹⁰¹¹¹²¹³¹⁴¹⁵¹⁶¹⁷¹⁸¹⁹²⁰{{cite web|last1=Chiel|first1=Ethan|title=Here Are the Sites You Can't Access Because Someone Took the Internet Down|url=http://fusion.net/story/360952/which-sites-affected-ddos-attack/|website=Fusion|accessdate=21 October 2016}}
12. ^¹²{{cite web|last1=Murdock|first1=Jason|title=Twitter, Spotify, Reddit among top websites knocked offline by major DDoS attack|url=http://www.ibtimes.co.uk/twitter-spotify-reddit-among-top-websites-knocked-offline-by-major-ddos-attack-1587646|website=International Business Times UK|accessdate=21 October 2016|date=21 October 2016}}
13. ^¹²³⁴⁵⁶⁷⁸⁹¹⁰{{Cite news|url=https://www.theatlantic.com/technology/archive/2016/10/when-the-entire-internet-seems-to-break-at-once/504956/|title=What’s Going On With the Internet Today?|last=Meyer|first=Robinson|date=|work=|last2=LaFrance|first2=Adrienne|newspaper=The Atlantic|language=en-US|access-date=2016-10-21|via=}}
14. ^{{cite tweet|user=TESOnline|number=789545206228156416|date=21 October 2016|title=We are still investigating intermittent login issues some players are experiencing across all megaservers.}}
15. ^¹²³⁴⁵⁶{{cite web|title=Massive web attacks briefly knock out top sites|url=https://www.bbc.com/news/technology-37728015|website=BBC News|date=21 October 2016}}
16. ^¹²³{{cite web|last1=Thielman|first1=Sam|last2=Johnston|first2=Chris|title=Major cyber attack disrupts internet service across Europe and US|url=https://www.theguardian.com/technology/2016/oct/21/ddos-attack-dyn-internet-denial-service|website=The Guardian|accessdate=21 October 2016|date=21 October 2016}}
17. ^{{cite web|last1=Hinckley|first1=Story|title=Did the East Coast just suffer a massive cyberattack?|url=http://www.csmonitor.com/Technology/2016/1021/Did-the-East-Coast-just-suffer-a-massive-cyberattack|website=Christian Science Monitor|accessdate=21 October 2016|date=21 October 2016}}
18. ^¹{{cite web|last1=Hughes|first1=Matthew|title=A massive DDOS attack against Dyn DNS is causing havoc online [Updated]|url=https://thenextweb.com/security/2016/10/21/massive-ddos-attack-dyn-dns-causing-havoc-online/|website=The Next Web|accessdate=21 October 2016|date=21 October 2016}}
19. ^¹{{cite web|title=Having internet problems today? Here's what's going on|url=http://www.wjhg.com/content/news/Having-internet-problems-today-Heres-whats-going-on-397907861.html|website=WJHG-TV|accessdate=21 October 2016}}
20. ^¹²³{{cite web|last1=Chacos|first1=Brad|title=Major DDoS attack on Dyn DNS knocks Spotify, Twitter, Github, PayPal, and more offline|url=http://www.pcworld.com/article/3133847/internet/ddos-attack-on-dyn-knocks-spotify-twitter-github-etsy-and-more-offline.html|website=PCWorld|accessdate=22 October 2016}}
21. ^{{cite web|last1=Menn|first1=Joseph|title=Cyber attacks disrupt PayPal, Twitter, other sites|url=https://www.reuters.com/article/us-usa-cyber-idUSKCN12L1ME|website=Reuters|accessdate=23 October 2016|date=22 October 2016}}
22. ^¹²³⁴⁵⁶⁷⁸⁹¹⁰¹¹{{Cite news|url=https://gizmodo.com/this-is-probably-why-half-the-internet-shut-down-today-1788062835|title=This Is Probably Why Half the Internet Shut Down Today [Update: It’s Happening Again]|last=Turton|first=William|newspaper=Gizmodo|language=en-US|access-date=2016-10-21}}
23. ^{{cite web|title=DDoS Attack on DNS; Major sites including GitHub PSN, Twitter Suffering Outage|url=https://www.hackread.com/ddos-attack-dns-sites-suffer-outage/|website=HackRead|accessdate=23 October 2016|date=21 October 2016}}
24. ^{{cite web|title=[RESOLVED] Unscheduled Maintenance|url=https://community.secondlife.com/t5/Status-Grid/RESOLVED-Unscheduled-Maintenance/ba-p/3075187|accessdate=23 October 2016|deadurl=yes|archiveurl=https://web.archive.org/web/20161024025120/https://community.secondlife.com/t5/Status-Grid/RESOLVED-Unscheduled-Maintenance/ba-p/3075187|archivedate=24 October 2016|df=}}
25. ^¹Joel Westerholm. "[https://sverigesradio.se/sida/artikel.aspx?programid=83&artikel=6547041 Så sänktes Twitter och Regeringen.se i attacken]", Sveriges Radio, 24 October 2016. Retrieved 30 October 2016.
26. ^{{cite web|title=U.S. internet disrupted as firm hit by cyberattacks|url=http://www.cbsnews.com/news/internet-disrupted-dyn-hit-by-ddos-cyberattack/|website=CBS News|accessdate=21 October 2016}}
27. ^{{cite web|last1=Lecher|first1=Colin|title=Denial-of-service attacks are shutting down major websites across the internet|url=https://www.theverge.com/2016/10/21/13357344/ddos-attack-websites-shut-down|website=The Verge|accessdate=21 October 2016|date=21 October 2016}}
28. ^{{cite web|last1=Gallagher|first1=Sean|title=DoS attack on major DNS provider brings Internet to morning crawl [Updated]|url=https://arstechnica.com/security/2016/10/dos-attack-on-major-dns-provider-brings-internet-to-morning-crawl/|website=Ars Technica|accessdate=21 October 2016}}
29. ^{{cite web|last1=Wolkenbrod|first1=Rob|title=Why is the WWE Network Down on Friday, October 21?|url=http://dailyddt.com/2016/10/21/wwe-network-down-ddos-attack/|website=Daily DDT|accessdate=22 October 2016|date=21 October 2016}}
30. ^{{cite web|last1=Sarkar|first1=Samit|title=Massive DDoS attack affecting PSN, some Xbox Live apps (update)|url=http://www.polygon.com/2016/10/21/13361014/psn-xbox-live-down-ddos-attack-dyn|website=Polygon|accessdate=23 October 2016|date=21 October 2016}}
31. ^{{Cite news|url=http://www.politico.com/story/2016/10/websites-down-possible-cyber-attack-230145|title=Government probes major cyberattack causing internet outages|newspaper=POLITICO|access-date=2016-10-21}}
32. ^{{Cite web|url=http://time.com/4540921/internet-dyn-outage-homeland-security/|title=Homeland Security Is 'Investigating All Potential Causes' of Internet Disruptions|last=Finkle|first=Jim|last2=Volz|first2=Dustin|date=|website=TIME.com|publisher=|access-date=2016-10-21}}
33. ^{{cite web|url=http://money.cnn.com/2016/10/21/technology/ddos-attack-popular-sites/index.html|title=Popular sites like Amazon, Twitter and Netflix suffer outages|website=money.cnn.com|publisher=CNN Money|accessdate=October 21, 2016}}
34. ^¹²{{Cite news|url=https://www.nytimes.com/2016/10/22/business/internet-problems.html|title=No, It’s Not Just You. The Internet Is (Still) Having Problems.|last=Perlroth|first=Nicole|date=2016-10-21|last2=Mccann|first2=Erin|newspaper=The New York Times|issn=0362-4331|access-date=2016-10-21}}
35. ^{{Cite news|url=http://motherboard.vice.com/read/blame-the-internet-of-things-for-destroying-the-internet-today|title=Blame the Internet of Things for Destroying the Internet Today|newspaper=Motherboard|language=en-us|access-date=2016-10-27}}
36. ^{{Cite news|url=https://www.nytimes.com/2016/10/22/business/internet-problems-attack.html|title=Internet Attack Spreads, Disrupting Major Websites|last=Perlroth|first=Nicole|date=2016-10-21|newspaper=The New York Times|issn=0362-4331|access-date=2016-10-22}}
37. ^{{cite web | url = https://www.theverge.com/2016/10/21/13362354/dyn-dns-ddos-attack-cause-outage-status-explained | title= How an army of vulnerable gadgets took down the web today | first = Nick | last = Statt | date = October 21, 2016 | accessdate = October 21, 2016 | work = The Verge }}
38. ^CNN, 25 October 2016, Obama: We have no idea who carried out huge cyberattack
39. ^Justice Department, 13 December, 2017, [https://www.justice.gov/usao-nj/pr/justice-department-announces-charges-and-guilty-pleas-three-computer-crime-cases Justice Department Announces Charges And Guilty Pleas In Three Computer Crime Cases Involving Significant Cyber Attacks]
40. ^¹²{{cite web |last1=Romm |first1=Tony |last2=Geller |first2=Eric |title=WikiLeaks supporters claim credit for massive U.S. cyberattack, but researchers skeptical |url=http://www.politico.com/story/2016/10/websites-down-possible-cyber-attack-230145 |website=POLITICO |date=21 October 2016 |accessdate=22 October 2016}}
41. ^{{cite newspaper |last1=Han |first1=Esther |title=WikiLeaks claims its supporters are behind the massive DDoS cyber attack |url=http://www.smh.com.au/technology/technology-news/wikileaks-points-to-its-supporters-for-massive-ddos-cyber-attack-20161021-gs881u.html |newspaper=The Sydney Morning Herald |accessdate=22 October 2016 |date=22 October 2016}}
42. ^{{Cite news |url=https://www.nytimes.com/aponline/2016/10/21/world/europe/ap-disruptive-cyberattack.html|title=Cyberattacks on Key Internet Firm Disrupt Internet Services|last1=Satter |first1=Raphael |last2=Fowler |first2=Bree |last3=Bajak |publisher=The Associated Press |date=21 October 2016 |newspaper=The New York Times |issn=0362-4331 |access-date=22 October 2016 |archive-date=2016-10-25 |archive-url=https://web.archive.org/web/20161025073904/https://www.nytimes.com/aponline/2016/10/21/world/europe/ap-disruptive-cyberattack.html}}
43. ^{{cite news|last1=Lomas|first1=Natasha|title=Dyn DNS DDoS likely the work of script kiddies, says FlashPoint |url=https://techcrunch.com/2016/10/26/dyn-dns-ddos-likely-the-work-of-script-kiddies-says-flashpoint/ |accessdate=26 October 2016 |work=TechCrunch |date=26 October 2016}}
44. ^{{cite web |url=https://www.forbes.com/sites/leemathews/2016/11/17/angry-gamer-blamed-for-most-devastating-ddos-of-2016/#78871c472dac |title=Angry Gamer Blamed For Most Devastating DDoS Of 2016 |last=Mathews |first=Lee |date=17 November 2016 |website=Forbes.com |publisher=Forbes Media LLC |accessdate=20 April 2018}}