If you woke up last Friday distraught and asking what the world has happened as major internet websites and services were unavailable, you are not alone. Gizmodo reported that half the internet was shut down because DNS provider Dyn was under massive DDoS attack.

Alex Fitzpatrick summed this unfortunate incident in his report in Time, "A massive DDoS attack against a major DNS service likely using a botnet of IoT devices resulted in Internet issues across the eastern United States Friday, making it hard for many users to access their favorite sites."

What attacked what?

If that wasn't clear to you, let's take those terms one by one.

A DNS or "domain name system" is basically the internet's phonebook. While you identify us with the URL (uniform resource locator), universityherald.com, our site like all other sites, have a numeric address. When you search for us online, your browser actually uses a DNS to match our URL with the our numeric address to bring you to the right place.

In a DDoS or "Distributed Denial of Service" attack, the target is flooded with massive data, often bogus requests, to overload the system and know the service offline. There are different types of DDoS attacks but this is the simplest concept.

Botnet, tech speak for "robot network" is a network of computers and similar devices under the control of one user. This is often done by hackers using malware to infect electronic devices and gain access without users knowing. When hackers get enough computers infected in their botnet, they can simply point to the target and proceed with DDoS. Access to botnets are sold in the dark web.

The Internet of Things or "IoT" refers to all sorts of gadgets that can connect to the internet. This include self-driving cars, smart TVs, electronic wearables and many others, many of which, security experts believe are not being properly secured. It is also suspected that the botnet used last month in a major DDoS attack was used on Dyn.

Given all that, we can say that a hacker or a group of hackers can use tons of devices to dump massive amount of data to any target till it becomes flooded and unreacheable.

The hackers used a software called Mirai to infiltrate devices. The Register's Chris Williams reports that Mirai was initially used to hack the website of cybercrime blogger Brian Krebs offline last month. The Mirai code has since been leaked.

"Mirai spreads across the web, growing its ranks of obeying zombies, by logging into devices using their default, factory-set passwords via Telnet and SSH. Because no one changes their passwords on their gizmos, Mirai can waltz in and take over routers, CCTV cameras, digital video recorders, and so on." Williams said.

They all went down

There have been 3 tremenduos waves of attack on Dyn but the firm has released a statement acknowledging the support of both their team and customers and disclosed that the matter is being investigated.

Dyn's Kyle York, Chief Strategy Officer wrote that, "At this point we know this was a sophisticated, highly distributed attack involving 10s of millions of IP addresses. We are conducting a thorough root cause and forensic analysis, and will report what we know in a responsible fashion. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack."

Dyn is said to serve 6% of America's Fortune 500 companies, making it a valuable target.

Gizmodo listed websites that were affected by last Friday's attack:

  1. ActBlue

  2. Basecamp

  3. Big cartel

  4. Box

  5. Business Insider

  6. CNN

  7. Cleveland.com

  8. Etsy

  9. Github

  10. Grubhub

  11. Guardian.co.uk

  12. HBO Now

  13. Iheart.com (iHeartRadio)

  14. Imgur

  15. Intercom

  16. Intercom.com

  17. Okta

  18. PayPal

  19. People.com

  20. Pinterest

  21. Playstation Network

  22. Recode

  23. Reddit

  24. Seamless

  25. Spotify

  26. Squarespace Customer Sites

  27. Starbucks rewards/gift cards

  28. Storify.com

  29. The Verge

  30. Twillo

  31. Twitter

  32. Urbandictionary.com (lol)

  33. Weebly

  34. Wired.com

  35. Wix Customer Sites

  36. Yammer

  37. Yelp

  38. Zendesk.com

  39. Zoho CRM

  40. Credit Karma

  41. Eventbrite

  42. Netflix

  43. NHL.com

  44. Fox News

  45. Disqus

  46. Shopify

  47. Soundcloud

  48. Atom.io

  49. Ancersty.com

  50. ConstantContact

  51. Indeed.com

  52. New York Times

  53. Weather.com

  54. WSJ.com

  55. time.com

  56. xbox.com

  57. dailynews.com

  58. Wikia

  59. donorschoose.org

  60. Wufoo.com

  61. Genonebiology.com

  62. BBC

  63. Elder Scrolls Online

  64. Eve Online

  65. PagerDuty

  66. Kayak

  67. youneedabudget.com

  68. Speed Test

  69. Freshbooks

  70. Braintree

  71. Blue Host

  72. Qualtrics

  73. SBNation

  74. Salsify.com

  75. Zillow.com

  76. nimbleschedule.com

  77. Vox.com

  78. Livestream.com

  79. IndieGoGo

  80. Fortune

  81. CNBC.com

  82. FT.com

  83. Survey Monkey

  84. Paragon Game

  85. Runescape

DHS issues a warning

According to Reuters, "The Department of Homeland Security last week issued a warning about attacks from the Internet of Things, following the release of the code for Mirai."

Renowned technology security expert Bruce Schneier has also written about national entities trying to take down the internet.

Presidential spokesperson Josh Earnest said that the White House is aware of the situation and that the DHS was "monitoring" the attacks and at present they have not provided information who was behind these attacks.