The recent attack on Friday, October 21, 2016 on Dyn, Inc, a DNS service provider that provides access to major websites such as Spotify, Twitter, Reddit, the New York Times and PayPal, highlights a number of weaknesses in the infrastructure of the Internet. The attack was a highly coordinated Distributed Denial of Service (DDoS) attack on data servers across the U.S East Coast and other parts of the country, including Texas and California. The attack involved millions of requests coming from groups using the now open-source Mirai botnet code. Mirai became famous several weeks ago in its own 620-Gigabytes-per-second DDoS attack on the "Krebs on Security" website this September, though a different Mirai botnet was used; ironically, KrebsOnSecurity.com is run by Brian Krebs, an investigative reporter who often writes about cybercrime and computer security.

This attack brings to light three different and startling facts about data-center safety. The first is the freely available Mirai botnet source code's capability for detrimental effects when used by the correct (or perhaps wrong) hands. While the attacks were eventually overcome, over the course of the day they interrupted internet traffic for major websites and interrupted financial services on websites such as PayPal, which has a wide-reaching commercial impact on tens of thousands of other websites for the attack's duration.

This incident also shines a light on the increasing security threat to data centers from the "Internet of Things" (IoT). Many of the attacks came from surprising sources, including DVR players and digital cameras. As products are increasingly made internet-capable, they increasingly permit their use by hackers. This attack highlights the increased need for further security measures for these internet-enabled devices.

Finally, this attack illuminates the importance for redundancy for name servers. When the attack was at its height, and regional data centers were facing a DDoS assault, data centers in other areas of the world were often still able to provide access to their users because of the ability to switch name servers, thus giving websites the ability to identify themselves from more than one location; if a website had two different name servers, but both were in affected data centers, nothing could be done to easily restore service to areas outside of the attack. Those websites with name servers hosted outside of the beleaguered data centers, however, were able to partially restore service to areas not under attack. This clearly demonstrates the need for both name-server and physical redundancy in the 21st-century Internet to preserve Internet connectivity.

The recent DDoS attack is certainly only a sign of what is to come in the future, as hackers take advantage of an ever-changing data landscape. As we become increasingly reliant on the Internet in the 21st century, these attacks tell us that we must work to create a more secure, resilient and redundant data infrastructure.

To learn more about data security, contact TelWare at 1-800-637-3148 or sales@telware.com. TelWare is a national leader in the installation of voice, video, data and unified communications solutions. TelWare is an authorized Avaya, Star2Star, SimpleWAN and 3CX dealer.

Back to News