A major cyberattack brought down numerous major American websites Friday, including The New York Times, Twitter, Etsy, Tumblr, Spotify, Comcast, and more. The pages were down for at least two hours Friday morning before being downed again in the afternoon.
How was it possible to take down all those sites at once?
Someone attacked the architecture that held them together — the domain-name system, or DNS, the technical network that redirects users from easy-to-remember addresses like theatlantic.com to a company's actual web servers. The assault took the form of a distributed denial-of-service attack (DDoS) on one of the major companies that provides other companies access to DNS. A DDoS attack is one in which an attacker floods sites "with so much junk traffic that it can no longer serve legitimate visitors," as the security researcher Brian Krebs put it in a blog post Friday morning. [The Atlantic]
Such attacks are on the rise in the United States, though it's not yet clear who was behind Friday's. "These attacks are significantly larger than the ones [companies are] used to seeing," security technologist Bruce Schneier said. "They last longer. They're more sophisticated. And they look like probing."