Major Websites Experience Outages In Apparent Online Attack
KELLY MCEVERS, HOST:
Today has not been a good day on the internet. Lots of very popular websites have had issues. The New York Times, Twitter and Spotify have been glitchy. PayPal says some transactions haven't gone through. NPR's tech blogger Alina Selyukh is here to tell us what's been happening. Hi there.
ALINA SELYUKH, BYLINE: Hello.
MCEVERS: So what's going on?
SELYUKH: What you might have experienced today is the result of what's called a distributed denial of service attack. It's the kind of attack when hackers overwhelm a website with fake traffic to try to kick it offline. They hijack a ton of other people's computers or devices and then use them to barrage a website just until it shuts down. Except in this case, the victim wasn't just one website. It was a major internet infrastructure company.
It's called Dyn. And what Dyn does is direct traffic. It makes sure that when you type in a web address, you end up exactly where you intended. And so when Dyn's servers are overwhelmed by an attack, the traffic to its clients' websites and services also goes haywire.
MCEVERS: Do we know who's responsible for this attack?
SELYUKH: Right now we don't, but this is a really peculiar attack. Typically, a denial of service attack comes from a bunch of computers infected with malicious software. That sort of thing we've been seeing quite a bit. But in this case, Dyn says their attack is coming not from computers. In fact, it's coming from tens of millions of internet-connected things, and that's pretty new.
We've all been buying all these new devices that are connected to the web. And experts have been warning that they're not very secure. And this is one of the biggest examples of what happens when hackers hijack those internet-connected things and use them to cause harm.
MCEVERS: So, like, this could - this attack could be, like, coming from a house or from, like, here inside the NPR building?
SELYUKH: Theoretically, yes. Dyn says this could be any kind of device connected to the web. Think about all the internet connected things you have at home - a thermostat, a webcam, a router, a DVR. And that's what makes this particular attack so powerful.
Dyn officials say it's really, really distributed, meaning it's coming from an incredible number of directions. And it's also been moving. The trouble started on the East Coast around 7 a.m. And when Dyn cleared its servers there, it moved to another location and has been traveling around the world hitting up Dyn's servers.
MCEVERS: Does Dyn think it will stop soon?
SELYUKH: Dyn officials say they're trying really hard to stop this. And the Department of Homeland Security and the FBI are investigating these attacks. And, actually, this incident is so disruptive that it's bringing together a huge community of security experts. Dyn says that it's gotten help today not only from its own clients but also its rivals. Nobody wants to be next.
MCEVERS: Thanks so much, Alina.
SELYUKH: Thank you very much.
MCEVERS: That's NPR tech blogger Alina Selyukh.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.