oct 21, 2016 - Dyn DDoS attack via iOT devices
In October, cybercriminals launched major DDoS attacks, disrupting a host of websites, including the likes of Twitter, Netflix, PayPal, Pinterest and the PlayStation Network, amongst many others.
THE ATTACK WAS STAGGERING FOR ITS SIZE, AT ONE TIME MEASURING CLOSE TO 1 TBPS
The group behind the attack did this by compromising thousands of endpoint IoT devices (initially thought to be 100,000 – later downscaled to nearer 20,000 by security researchers), transforming them in a botnet and essentially flooding traffic to DNS hosting provider Dyn (recently acquired by Oracle).
Of course, this attack had a short-term effect on some of the world’s most popular sites but that’s not what makes it significant, nor too the attack method (DDoS remains in the toolkit of every cybercriminal).
No, the attack was staggering for its size, measuring close to 1 Tbps at one time, which was not dissimilar to the DDoS attack which targeted Brian Krebs’ website one month earlier (more on this later). And with Gartner predicting that there will be 20.8 billion ‘connected’ things talking to each other by 2020, you can be sure that this kind of DDoS attack is just the start.
Added to timeline: