In The News

Thousands of people couldn’t connect to websites on Friday. This is why…

If you’ve had trouble accessing websites recently, you’re not alone. In fact if you investigated the issue further, you were probably told something like “a DDOS attack is currently preventing any DNS requests, stopping people from accessing certain websites.”

So we explain exactly what that means.

Firstly, the attack was orchestrated against a company called Dyn. Dyn provides DNS services for a large number of websites. It’s not the only company to provide such services for these websites, and not all Internet users will use the service offered specifically by Dyn (they’ll use other companies that provide the same thing) but if Dyn’s services go offline, it will still prevent a lot of Internet users from accessing certain websites.

This is because Dyn is part of a series of services that act as a giant telephone book for the Internet. When you type Twitter.com into your web browser, your Internet company needs to know the numerical IP address for that website. Without the IP address, your Internet company (ISP) doesn’t know where to “connect your call”.

Services like Dyn act as lookup services that your ISP can ask regarding converting a web address (e.g. Twitter.com) into the correct IP address (e.g. 128.242.250.148) so your ISP can connect your computer to the correct web server so you can access the website.

If services like Dyn go down, your ISP will try and fail to obtain the correct IP address for a website, and your query (when you type a website into your browser and hit enter, that’s a query) will time-out and fail.


Sponsored Content. Continued below...




And this is exactly what happened to a number of users on Friday in both the United States and Europe. Any person trying to visit a webpage who were taken through any DNS services provided by Dyn probably experienced this outage, since Dyn was targeted by a widespread DDOS attack.

But what is a DDOS attack?

This refers to a type of attack where a particular service is targeted with large waves of useless information sent to them by a network of computers. So large are these waves of information, that they can overwhelm a service and essentially take it offline.

The useless information, in this case, would have been large numbers of DNS requests coming from a network of computers (single computers would not be able to generate the amount of information needed.)

A good analogy we often use is the coffee shop analogy – imagine having a highstreet coffee shop, and someone sends thousands of people into your coffee shop. Those people don’t buy anything from you (i.e. they’re useless) but they’ll sit in your seats, use your toilet, use your free Wi-Fi and will naturally block your front door. Real customers won’t be able to get in, and there is no way you can rid yourself of these thousands of people. That is sort of like a DDOS attack. We have a full article on it here including how scammers manage to obtain these networks of computers to initiate the attack.

So that is essentially what has happened. Someone, somewhere, has used a network of computers to overwhelm a DNS service like Dyn, taking it offline, and preventing thousands of people across the world from performing DNS lookups to obtain IP addresses, which is what their computers need to connect to websites.

Share
Published by
Craig Haley