Understanding the Dyn DDoS Attack.

cyber_warTraffic jams are caused when too many cars all try to go to the same place at the same time. The roads are overwhelmed, traffic comes to a standstill, and no one gets to their destination on time.

A distributed denial of service (DDoS) cyberattack like the one that made headlines by staggering the internet last Friday works the same way. Someone purposely forces too many bits of information to a server all at once, rendering it functionless. The system is overwhelmed.

The DDoS attack against Dyn this past week meant a number of organizations couldn’t access information and applications. The result was that for many end-users, the internet simply didn’t work. Making this attack particularly potent was that Dyn isn’t just a targeted company but a key part of the internet supply chain used by many internet companies, leading to outages – in this case, everyone who is dependent on Dyn. Dyn reports that some of the attacks came as part of the Mirai virus, which means the attack came via IoT devices like web-connected network security cameras instead of desktop computers.

The chart above shows how a botnet, when repeated over thousands of users, can overwhelm internet systems and lead to a DDoS attack like the one delivered to Dyn. It’s a surprisingly simple concept that, when executed, hijacks a benign Internet lookup tool for its own nefarious purpose.

DDoS attacks are effective and efficient. But there are steps that users can take to protect their IoT devices from being hijacked. To protect against another attack like the one that happened last week, at a minimum make sure to change the default username and password on your IoT devices. Taking small measures means you can better protect your devices from being taken over and used in an attack.