Internet outage takes down Twitter, Netflix, PayPal and many of the web's most visited websites

Services like PlayStation Network were caught up in the problems

Andrew Griffin,Tim Walker
Friday 21 October 2016 17:28 BST
Comments
(Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A major Internet outage affected many of the world's biggest online firms on Friday, with websites including Twitter, Netflix, Spotify, Reddit, PayPal and eBay down for long stretches. Other services such as PlayStation Network also appeared to be hit by the outage. Google and Facebook were unaffected.

The widespread disruption was the result of a coordinated assault on some of the underlying infrastructure that powers the Internet. Dyn, one of several companies responsible for hosting the crucial web directory known as the Domain Name System (DNS), suffered a sustained so-called “distributed denial of service” (DDoS) attack, leading many people intermittently to lose access to specific sites or to the Internet entirely.

A DDoS attack means hackers hijack vast numbers of internet-connected devices to swamp a victim’s website with so much junk traffic that it is unable to cope. Dyn, based in New Hampshire, said the attack began shortly after 12pm BST. Twitter, Netflix et al were not directly targeted, but the attack on Dyn – which reportedly serves around 30 Fortune 500 companies – affected users’ access to those sites.

The company indicated that the issue had been fixed by 2.30pm, but that the assault began again a couple of hours later. Just before 7pm BST the firm said on its status page that the “advanced service monitoring issue” had been resolved, but that its engineers were “still investigating and mitigating the attacks on our infrastructure.”

It still isn’t clear where the cyber-attack originated. Kyle York, Dyn’s chief strategist, told the New York Times that the hit on its servers was highly sophisticated. “This was not your everyday DDoS attack,” he told the newspaper, whose own website was affected by the incident. “The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,” Mr York warned.

In a recent essay entitled “Someone is Learning How to Take Down the Internet,” web security expert Bruce Schneier wrote that someone had been “extensively testing the core defensive capabilities of the companies that provide critical internet services.” Though no culprit has been identified, Mr Schneier suggested “it feels like a large nation state. China and Russia would be my first guesses.”

In a tweet, Wikileaks appeared to credit supporters of its founder Julian Assange for the attack, asking them "to stop taking down the US internet" and suggesting they had "proved [their] point".

Lawrence Orans, a research vice president at Gartner specialising in web security and DDoS attacks, agreed with Mr Schneier's analysis. “An attack of this magnitude can’t be executed by a kid in his bedroom,” he said. “It’s more sophisticated than that. A nation state would be a prime suspect.”

The US authorities are thought to be concerned that such attacks could be used in an attempt to somehow disrupt the coming presidential election. The Department of Homeland and Security and FBI were both investigating Friday’s attack, Reuters reported.

While DDoS attacks “do not cause permanent damage,” Mr Orans explained, they can temporarily affect communications, sow a sense of chaos and in some cases cause economic effects, for example by attacking retailers during a sale season. “It’s a temporary disruption to make a point,” he said. “But it’s highly inconvenient.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in