A mega cyber attack on the eastern United States late Friday knocked out the internet via simple devices such as digital recorders and webcams, rapidly spreading to the rest of the country and then to parts of Europe.
Internet giants such as PayPal, Twitter, Spotify, as well as other customers of the Dyn infrastructure company in New Hampshire were down across the Eastern Seaboard at first, but then the malfuction spread rapidly across the internet to other sites.
Dyn is a firm that acts as a kind of distributor or switchboard for internet traffic. The company’s chief strategy officer, Kyle York, told Reuters, “The complexity of the attacks is what’s making it very challenging for us.” The Flashpoint security firm is assisting Dyn with analyzing the attack, Reuters reported Saturday.
The company said the attacks were coming from millions of internet addresses, which called it an especially potent type of distributed denial-of-service attack (DDoS). Such an attack involves flooding the target with so much junk traffic, the targeted address freezes up.
Users were also unable to reach CNN, the New York Times, the Wall Street Journal, Yelp, Mashable and some sites hosted by Amazon.com Inc.
The hackers used home devices previously infected with a malicious code – in this case, Mirai code that was dumped on to the internet a month ago – – that caused outages that began in the United States, but quickly spread across the country and then to Europe.
The U.S. Department of Homeland Security and the FBI have launched an investigation into the breach.
White House spokesperson Josh Earnest said at a briefing on Friday that it was not yet clear who was behind the attack. The comment came in response to a question about whether the breach was part of “what seems to be an escalating cyber war with Russia.”
Earnest replied, “I know that the Department of Homeland Security … is monitoring this situation. And they’ll take a close look at it. But at this point, I don’t have any information to share about who may be responsible for that malicious activity.”
Users in some areas of Western Europe were unable to make payments on the PayPal site late Friday as well. There was no indication that Israel was affected by the cyber attack.