By 
The internet was on shaky footing for the better part of Friday thanks to a large-scale attack on a company that runs a large portion of crucial internet infrastructure. It's still too early to know exactly who is behind the attack, but experts have begun to pin down which devices are doing the bulk of the work. It's not computers, but devices from the so-called Internet of Things. We're talking smart fridges, web cams, and DVRs. It may sound funny, being attacked by refrigerators, but don't laugh. It's actually horrifying.
The current assault against Dyn is one of the simplest in a hacker's playbook. The distributed denial of service attack (DDoS) doesn't require breaking into a target's computers or finding any secret weakness. Instead, it involves simply pummeling them with so much traffic they can't possibly keep up. Hackers executing a DDoS call upon millions of machines under their control and command them to ask the target for so many things all at once that the target all but melts down under the strain.
If you visualize it, it looks a little like this:
Executing a DDoS is simple, but only if you have millions of computers at your disposals. These computers—often known as "zombies"—are machines that have been compromised by some sort of virus or malware. This malware doesn't totally disable the computer, but just sits there waiting for the order to attack a target, as part of a swarm called a botnet.
Building a botnet can be a painstaking process. There are plenty of vulnerable computers in the world, but also plenty of people who take reasonably good care of their trusty phone or laptop, protecting it from infection. However, over the past five years or so, the Internet of Things has introduced millions upon millions of newly internet-connected devices—like DVRs and cameras and smart fridges and thermostats—that hackers can add to their swarms with terrifying ease.
The potential problem has been bubbling up for months, but reached a peak earlier this month when the source code for something called the "Mirai" botnet was released onto the web. Designed to target the Internet of Things specifically, Mirai can scoop up connected devices and add them to a botnet simply by attempting to log into them with their factory-default username and password. Have you changed the password on your smart fridge lately? I thought not.
The Mirai code focuses on all kinds of smart devices including cameras to internet-connected fridges, but its bread and butter is DVRs. Of the nearly 500,000 devices known to be compromised by the Mirai malware, some 80 percent of them are DVRs, according to an in-depth investigation of by Level 3 communications.
These infected DVRs, along with a few thousand other gadgets, can drive ludicrous amounts of traffic. Devices compromised by this malware were responsible for a 620Gbps attack against the security website Krebs on Security in September, the biggest DDoS the world had ever seen, at the time. Reports from the security firm Flashpoint, by way of Brian Krebs, suggest that it is a botnet based on exactly this technology that is responsible for today's outages, and Dyn has since confirmed this suspicion to TechCrunch.
Last month, security researcher Bruce Schneier started sounding the alarm that someone or something was carefully probing the internet for weakness. A scary prospect on its own, and one followed shortly thereafter by the full release of the Mirai code for any ne'er-do-well to use. Today's attack, it would seem, is a confluence of these two events: An attacker who has been carefully surveying the internet for weak points is now openly wielding one of the most capable blunt weapons we've ever seen blast the web.
The most terrifying part: This is probably only the beginning.
