Dyn DDOS Attack Affects Several Name Brand Websites

This week we hear about how the Dyn DDoS attack affected several name brand websites such as Twitter, Spotify, eBay, and Reddit. We also learn about a serious “Dirty Cow” Linux exploit.


Dyn DDOS Attack Affects Several Name Brand Websites

Several websites, such as Twitter, Spotify, eBay, and Reddit, were hit by a major DDoS cyberattack that affected most companies on the East Coast last week. The DDoS attack was targeted at Dyn, a company headquartered in New Hampshire that offers a platform to optimize websites’ online performance. There were a total of two attacks that took place within a few hours of each other.

Dyn’s DNS service acts as an address book for the internet, bridging human-readable domain names and the IP addresses that the internet understands. The DDoS attack sent an overwhelming number of lookup requests to the DNS service to cause the network to crash. It’s possible that the attack belonged to a class of DDoS attack that infects Internet of Things devices with malware and turns them into botnet armies that flood a target with malicious traffic.

References: What We Know About Friday's East Coast Outage | East Coast Internet Service Attacks 'Coming in Waves' | Mass Internet Disruption Caused by DDoS Attack on DNS Company Dyn

Mitigation Strategies:

  • Ensure a well-defined and tested incident response plan is in place
  • Maintain 24x7 security monitoring by a security operations center to quickly detect a DDoS attack and implement the incident response plan to mitigate the risk
  • Validate that your service provider and internal networking teams have a robust networking infrastructure implemented to minimize the effects of a DDoS attack


A Serious “Dirty Cow” Linux Exploit

Dirty Cow is a silly name, but it’s a serious Linux kernel exploit. The name comes from a race condition in the way the Linux kernel’s memory subsystem handles copy-on-write (COW) breakage of private read-only memory mappings. The security hole allows an unprivileged local attacker to gain write access to otherwise read-only memory mappings and increase their privileges on the system.

Researchers are taking the flaw very seriously because exploits are not difficult to develop and the vulnerability sits in a section of the Linux kernel that is part of every distribution of the open-source OS released in the last decade.

References: The Dirty Cow Linux Bug: A Silly Name For A Serious Problem | "Dirty COW" Linux Kernel Exploit Seen in The Wild | Explaining Dirty Cow

Mitigation Strategies:

Top 20 Malicious IP Addresses

*IP addresses provided by Recorded Future.