1.2TB/s DDOS Attacks on Internet Infrastructure, October 21, 2016
Builder
21st October 2016, 17:22
DDoS Attack Against Dyn Managed DNS:
https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/
Services like Twitter and Paypal are affected.
Could be a test for election day...
Also see this article from last month:
Someone Is Learning How to Take Down the Internet (https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html)
Hervé
21st October 2016, 17:31
Mass DDoS attack cripples world's biggest websites (https://www.rt.com/news/363642-websites-outage-ddos-attack/)
RT (https://www.rt.com/news/363642-websites-outage-ddos-attack/)
Published time: 21 Oct, 2016 12:54
Edited time: 21 Oct, 2016 14:51
https://www.sott.net/image/s17/352362/large/CvS1jHzWcAEXGkC.jpg (https://www.sott.net/image/s17/352362/full/CvS1jHzWcAEXGkC.jpg)
© Tom Leyden / Twitter
A widespread cyber-attack was carried out against some of the world’s biggest websites on Friday, with users unable to access Twitter, SoundCloud, Spotify and many others for over two hours.
Major DNS host Dyn says access to websites was restored following a DDoS attack early Friday, stating that “services have been restored to normal as of 13:20 UTC,” following hours of outages online.
Services have been restored to normal as of 13:20 UTC.
— Dyn (@Dyn) October 21, 2016 (https://twitter.com/Dyn/status/789462510562836480)
According to Hacker News (https://news.ycombinator.com/item?id=12759520), a “Massive Dyn DNS outage” caused Twitter, Etsy, Github, SoundCloud and Spotify to go down.
No-one has yet claimed responsibility for the attacks.
Other sites reportedly affected included Airbnb, Reddit and Vox Media. Users said they had a variety of issues, depending on their location, Tech Crunch (https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/?sr_share=facebook) reports.
SoundCloud thanked users for their "patience" as the site returned to normal.
The issue has now been located and resolved - thanks a lot for your patience.
— SoundCloud Support (@SCsupport) October 21, 2016 (https://twitter.com/SCsupport/status/789463779247525889)
GitHub announced that the issue had been "resolved" and would continue to be monitored.
The upstream DNS incident has been resolved. We continue to monitor our systems while they deliver a backlog of webhook events.
— GitHub Status (@githubstatus) October 21, 2016 (https://twitter.com/githubstatus/status/789466733962752001)
DDoS stands for a ‘distributed denial-of-service’ attack where a machine or network source is made unavailable for users by overwhelming the targeted website’s traffic bandwidth.
Sites down this morning: Twitter, Tumblr, NYT, Reddit, PayPAl, WhatsApp, Daily News, CNN, Spotify, Soundcloud, etc.
— Bruno (@NovusDeum) October 21, 2016 (https://twitter.com/NovusDeum/status/789446118769909760)
@buyvpnservice (https://twitter.com/buyvpnservice) are you guys down due to the same outages of Twitter and Spotify as well? Can't access PIA VPN via mobile.
— GD (@gbrldz) October 21, 2016 (https://twitter.com/gbrldz/status/789446444222525441)
“Starting at 11:10 UTC on October 21th [sic]-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available,” Dyn (https://www.dynstatus.com/incidents/nlr4yrr162t8) posted on its website.
The company said the attack primarily affected the “US East.”
We are aware of the ongoing service interruption of our Managed DNS network. For more information visit our status page.
— Dyn (@Dyn) October 21, 2016 (https://twitter.com/Dyn/status/789444349998268416)
Here your Twitter problem. (Level3 outage map) pic.twitter.com/yzqfYuH33b (https://t.co/yzqfYuH33b)
— Tom Leyden (@newshawk) October 21, 2016 (https://twitter.com/newshawk/status/789455464908070914)
In a tweet posted Friday, Spotify said it was “having some issues right now and investigating,” while GitHub described the attack as “a global event” that was “affecting an upstream DNS provider.”
“GitHub services may be intermittently available at this time,” the site tweeted.
SoundCloud also tweeted that the site was experiencing “playback issues on iOS” but engineers were “investigating the cause.”
We're seeing playback issues on iOS. Engineers are investigating the cause. For updates check our Status blog https://t.co/9anKTSU2Gj
— SoundCloud Support (@SCsupport) October 21, 2016 (https://twitter.com/SCsupport/status/789448932602576896)
Wind
21st October 2016, 17:52
Interesting timing for sure...
Althena
21st October 2016, 18:21
Whoever they are, they're showing their true power and also telling Assange he's not alone. If he's not dead yet.
Bob
21st October 2016, 18:42
See:
http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=2&time=17094&view=map
Click on the "unusual" tab
At the bottom of the graphic is a slider where one can look at some historical of where it is originating from, and going to..
There are other sites as well showing "outages" - example: Down Detector dot com - http://downdetector.com/ pick your service and check for outage reports/maps
One can click on the ">" button to get an animation over time, historically where what's happening and when..
http://chanlo.com/images/attack-map-1.jpg
Akamai ( a major supplier of downloads to users ) reports on this map (real time)
https://www.akamai.com/us/en/solutions/intelligent-platform/visualizing-akamai/real-time-web-monitor.jsp
Oregon appears to be the largest focal point -
http://chanlo.com/images/attack-map-2.jpg
Live as of October 21, 2016 06:55:27 PM GMT = 1,375,477 attacks, followed by LA California at 872,072 attacks..
In Europe, UK is the hardest being hit.
Check out (expand the various country statistics to see where the attacks are hitting)
The real-time map at DownDetector.Com (above link earlier in the post)
http://downdetector.com/status/level3/map/
Dyn - http://hub.dyn.com/ddos-2 The attack actually centered on Dyn, a New Hampshire-based company that offers a platform to optimize websites' online performance.
Dyn provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers.
Update - Our engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure.
Oct 21, 20:37 UTC
https://www.dynstatus.com/
What I did then was go to: https://krebsonsecurity.com/2016/10/ddos-on-dyn-impacts-twitter-spotify-reddit/
and look for the link on Dyn's STATUS PAGE (https://www.dynstatus.com/)
pyrangello
21st October 2016, 19:04
My buddy is trying to get a wire/funds out of New York, guess what, they can't do it because of this. At least not right now.
EWO
21st October 2016, 19:08
I use DYN and we had issues up to 1PM EST
Matthew
21st October 2016, 19:10
I understand a DDoS attack leaves the servers vulnerable to data theft too. For me it opens up other possible agendas. I changed my passwords just to be on the safe side
eagle0027
22nd October 2016, 01:02
I find this very interesting and possibly related to lisamharrison computer take over by some sort of intelligence probably not a.i..nor human....whose facebook account has been shut down repeatedly...coincidence???
Daozen
22nd October 2016, 01:44
We need to build a distributed internet run off torrent protocols or similar. Easier said than done, I know. It'll take 3-10 years, but people are brainstorming.
This is a good start, but the pages don't load. Maybe because not enough people are hosting them:
https://github.com/elendirx/web2web
Bob
22nd October 2016, 03:09
Update - Dyn says it's plugged the situation, as "identified"..
from http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=2&time=17094&view=map
Clicking on the reported source for destination USA, these are the origination countries:
Mexico
Honduras
Japan
Ecuador
Peru
Argentina
Greece
Bangladesh
Taiwan
Bolivia
Colombia
Venezuela
Dominican Republic
Singapore
Algeria
Finland
Norway
Germany
Poland
South Korea
Albania
Philippines
Italy
Canada
Viet Nam
Bulgaria
France
Myanmar
Turkey
Ukraine
Laos
Pakistan
India
Spain
Israel
Thailand
China
Hong Kong
Romania
Russia
Indonesia
Malaysia
United Kingdom
(and a couple unknowns, apparently unresolvable)
Bob
22nd October 2016, 17:09
Summary - from Radio Free EU
verbatim:
"A hacker group from China and Russia claimed responsibility for a massive cyberattack that caused outages on popular websites from the U.S. east coast to Europe and Asia on October 21.
New World Hackers claimed responsibility for the attack via Twitter, though U.S. authorities said they could not verify the claim. They said they organized networks of "zombie" computers to throw 1.2 terabits per second of data at servers managed by Dyn Inc.
"We didn't do this to attract federal agents, only test power," two group members who identified themselves as "Prophet" and "Zain" told AP via Twitter. They said more than 10 members participated in the attack.
The two told AP that 30 people have access to the @NewWorldHacking Twitter account that claimed responsibility for the attack. They said 20 are in Russia and 10 in China.
Dyn, which serves some of the biggest names on the web including Twitter, Netflix, Spotify, and PayPal, said it does not know who was behind the attacks. The FBI said it is investigating the matter.
The hacking group has in the past claimed responsibility for similar attacks against sites including ESPN and the BBC. It has also claimed responsibility for cyberattacks against Islamic State."
Reference:
RFU said the above is based on data derived from reports from reporters of AP, Global News, and Reuters
Article - http://www.rferl.org/a/hacking-group-new-world-hacking-russia-china-claims-credit-twitter-massive-cyberattack-dyn-/28068649.html
=====================
Popular-Mechanics analysis - - http://www.popularmechanics.com/technology/infrastructure/a23504/mirai-botnet-internet-of-things-ddos-attack/
It was due to INTERNET CONNECTED GADGETS connected to the internet and left in an UNSECURE mode.
"Your REFRIGERATOR attacked DYN" is an emphasis from their page - "webcams and even thermostats may have been used .."
The Mirai code focuses on all kinds of smart devices including cameras to internet-connected fridges, but its bread and butter is DVRs. Of the nearly 500,000 devices known to be compromised by the Mirai malware, some 80 percent of them are DVRs, according to an in-depth investigation by Level 3 Communications.
These infected DVRs, along with a few thousand other gadgets, can drive ludicrous amounts of traffic.
Devices compromised by this malware were responsible for a 620Gbps attack against the security website Krebs on Security in September, the biggest DDoS the world had ever seen, at the time.
Reports from the security firm Flashpoint, by way of Brian Krebs, suggest that it is a botnet based on exactly this technology that is responsible for today's outages, and Dyn has since confirmed this suspicion to TechCrunch.
WHY are the smart IoT gadgets so easy (https://iot.f-secure.com/2016/03/04/the-simple-reason-iot-devices-are-so-hackable/) to hack?
A hacker probing one's system can simply log into them with their factory-default username and password. Have you changed the password on your smart fridge lately? I thought not.
From: https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/ - Tech Crunch dot Com report
"DDoS traffic has been coming from tens of millions of discrete IP addresses around the globe."
“There are 3.4 billion internet users globally and 10 to 15 billion IoT devices."
(IoT = Internet of {all} Things)
Internet connected devices do not necessarily have anti-malware software built-in, nor are necessarily protected safely from being converted into "internet attack drones" . Some of the OS's are more secure than others. They are designed for being free, open source, and easy to develop code for dedicated smart devices.
What do they use? RIOT (https://en.wikipedia.org/wiki/RIOT_(operating_system)) , FreeRTOS (https://en.wikipedia.org/wiki/FreeRTOS), SafeRTOS, TinyOS (https://en.wikipedia.org/wiki/TinyOS), Contiki (https://en.wikipedia.org/wiki/Contiki), (Extant uses for Contiki include systems for street lighting, sound monitoring for smart cities, radiation monitoring, and alarms). See Comparison of real-time operating systems (https://en.wikipedia.org/wiki/Comparison_of_real-time_operating_systems) - Wiki for more. Embedded operating systems (eOS) here - wiki (https://en.wikipedia.org/wiki/Category:Embedded_operating_systems).
More: - Understanding the IoT danger - hacking and potentials of the smart IoT devices to steal networked passwords, (is the cute cuddly teddy bear sending network secrets?) - see https://www.upguard.com/blog/7-hackable-iot-devices-to-watch-out-for-at-ces-2016
DDoS obviously has gained attention, and dramatically has shown lack of security issues by taking down a major network company's services.. What ELSE can IoT devices do??
Althena
23rd October 2016, 12:50
No problems down here, all is well and beautiful.
Hervé
24th October 2016, 14:07
This Is The Chinese Firm Whose Cameras Took Down The Internet On Friday (http://www.zerohedge.com/news/2016-10-24/chinese-firm-whose-cameras-took-down-internet-friday)
by Tyler Durden (http://www.zerohedge.com/users/tyler-durden)
Oct 24, 2016 9:12 AM
Last Friday many Americans woke up to extremely slow or nonexistent internet services after a cyber attack "of unknown origin" on DNS service provider DYN took down much of the internet in the North East. As the day wore on, the attack spread across the country taking out numerous large websites including Twitter, Spotify, Reddit, eBay and the New York Times (we wrote about it here: "DNS Cyber Attack Returns As Northeast Internet Traffic Grinds To A Crawl For Second Time (http://www.zerohedge.com/news/2016-10-21/enormous-cyber-attack-takes-down-hundreds-websites-how-track-global-cyber-war)").
http://www.zerohedge.com/sites/default/files/images/user5/imageroot/2016/10/16/outage%20map_0.jpg (http://www.zerohedge.com/sites/default/files/images/user5/imageroot/2016/10/16/outage%20map.jpg)
Some immediately accused Putin of taking down the US internet in retaliation for accusations of cyber attacks on the Democratic party and Hillary Clinton, although there was no official statement from the US.
Now, while the origin of the attack is still unknown (even though we're sure that Hillary's "17 intelligence agencies" have their suspicions), we're getting a better idea of how the attack was executed. According to Bloomberg (https://www.bloomberg.com/news/articles/2016-10-24/chinese-firm-says-its-cameras-were-used-to-take-down-internet), Internet-connected CCTV cameras made by a Chinese firm, Hangzhou Xiongmai Technology Co., were infected with malware that allowed hackers to take over "tens of millions" of devices to launch the distributed denial-of-service (DDoS) attacks.
A Chinese security camera maker said its products were used to launch a cyber-attack that severed internet access for millions of users, highlighting the threat posed by the global proliferation of connected devices.
The attackers hijacked CCTV cameras made by Hangzhou Xiongmai Technology Co. using malware known as Mirai, the company said in an e-mailed statement. While Xiongmai didn’t say how many of its products had been infiltrated, all cameras made before September 2015 were potentially vulnerable.
The attack, which took down sites including Twitter, Spotify and CNN for long stretches, underscored how hackers can marshal an increasing number of online gadgets, collectively known as the Internet of Things, to disrupt the internet on an unprecedented scale.
“Mirai is a huge disaster for the Internet of Things. XM have to admit that our products also suffered from hacker’s break-in and illegal use," Xiongmai said in its e-mail.
Security professionals have anticipated an increase in attacks from malware that target connected gadgets. In Friday’s instance, hackers launched a distributed denial-of-service (DDoS) attack using tens of millions of malware-infected devices connected to the internet, according to Kyle York, Dyn’s chief strategy officer.
Seems the "internet of things" has its downsides.
TargeT
24th October 2016, 14:59
I was on a support call with a vendor on Friday.. couldn't complete the upgrades we were trying to do due to the outage... pretty crappy.