Skip to main content
close search
site logo
Dive Brief

Dyn may have been an innocent bystander in last year's Mirai botnet attack

Published Aug. 22, 2017
By
Contributing Editor
Deposit Photor

Dive Brief:

  • PlayStation  not Dyn — may have been the true target of the record-breaking 620 Gpbs Mirai botnet DDoS attack that took place last October, according to a new report from a team of researchers at Google, Cloudflare, Merit Networks, Akamai and several university partners. The researchers presented their findings last week at the Usenix conference, according to The Verge and other sources.

  • The researchers found PlayStation Network nameservers accounted for all the IP addresses targeted in the cyberattack. But because Dyn services are interconnected, the attack ultimately affected Twitter, Etsy, Github, Spotify, Reddit, Netflix and SoundCloud, among others. 

  • The same attackers also went after a handful of gaming services — Xbox Live, Nuclear Fallout and ValveSteam — around the same time, the researchers found. They are not sure what prompted the attacks.

Dive Insight:

For Dyn, it was a high price to pay. Following the attac​k, more than 14,000 internet domains dropped Dyn as their DNS services provider.

The Dyn attack was particularly notable because it used the Mirai botnet to harness "zombie" Internet of Things devices to work on its behalf for the first time. The attack also highlighted an internet choke point, where scores of companies could be impacted. 

The attack did have some positive results. A DDoS attack stemming from compromised IoT devices showed the advanced capabilities malicious actors have when targeting networks, and quickly prompted several IoT device makers to recall or reevaluate the security of their devices.

It also inspired the House Subcommittee on Communications and Technology and the Subcommittee on Commerce, Manufacturing and Trade to hold a joint hearing to consider whether federal regulation is needed to ensure Internet of Things device security. More recently, a group of bipartisan senators proposed a law to secure the IoT, placing the onus on manufacturers to adequately secure internet-connected devices.

Though the incident certainly made for a bad day for Dyn, the company was purchased by Oracle soon after.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
truCX Launches Groundbreaking Partner Portal, Empowering CX Consultants and Trusted Advisors w…
From truCX
October 30, 2024
Cosentino Drives Business Transformation with AI Powered by Celonis Process Intelligence
From Celonis
October 23, 2024
Productboard Launches AI-Powered Productboard Pulse To Integrate Voice of Customer Into Produc…
From Productboard
October 29, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell