Watch CBS News

Expert: Cyberattack Of Popular Websites 'New Wave Of Warfare'

NEW YORK (CBSNewYork/AP) -- A series of cyberattacks took down several popular websites across the U.S. Friday after a key firm was hit by hackers.

New Hampshire-based Dyn said its server infrastructure was hit by a distributed denial-of-service attack, which works by overwhelming targeted machines with malicious electronic traffic.

CBS2's Alice Gainer reports millions were affected by the hacking attack.

The cyberattack blocked half of East Coast web users from accessing hugely popular websites, including Twitter, Netflix, Amazon and Spotify.

The company said in a series of statements that the attack took place early Friday local time and created disruption, but later said that "services have been restored to normal.''

But then just before noon, the company detected another wave of DNS attacks and acknowledged that the problem was not yet solved, CBS News reported.

"We are continuing to mitigate a DDoS against our Managed DNS network," it said.

CBS2's Brian Conybeare reports WikiLeaks hinted its backers may have done it to allegedly punish the U.S. for cutting off internet access to Julian Assange, the group's leader, who's been leaking stolen emails from Hillary Clinton's presidential campaign for weeks.

"Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point," the group tweeted.

Another group called New World Hackers also claimed responsibility for the attack. However, those claims of responsibility could not be independently verified.

In a statement to CBS News, the U.S. Department of Homeland Security said it was aware of the attack and is "investigating all potential causes."

"It doesn't look like the kid in the basement with a laptop," said CBS News Homeland Security consultant Fran Townsend. "It looks more sophisticated than that."

The White House said U.S. officials don't know yet who was behind the attack.

"I know the Department of Homeland Security, that is the U.S. government agency that is responsible for monitoring our security in cyberspace and coordinating with the public and private sector to protect U.S. interests in cyberspace, is monitoring the situation," said White House Press Secretary Josh Earnest. "And they'll take a close look at it. At this point, I don't have any information to share about who might be responsible for that malicious activity.

David Kennedy, founder of information security firm TrustedSec, called this type of hacking the "new wave of warfare."

"This just goes to show you this is the new wave of warfare that we're dealing with right now, and while we don't know where it's coming from, the magnitude of it does lead to believe it was very targeted at American-based companies," said Kennedy.

Steve Grobman, chief technology officer at Intel Security, compared an outage at a domain name services company to tearing up a map or turning off GPS before driving to the department store. "It doesn't matter that the store is fully open or operational if you have no idea how to get there," he said in a telephone interview.

Jason Read, founder of the internet performance monitoring firm CloudHarmony, owned by Gartner Inc., said his company tracked a half-hour-long disruption early Friday in which roughly one in two end users would have found it impossible to access various websites from the East Coast. A second attack later in the day caused disruption to the East and West Coasts as well as impacting some users in Europe.

"It's been pretty busy for those guys," Read said. "We've been monitoring Dyn for years and this is by far the worst outage event that we've observed."

Read said Dyn provides services to some 6 percent of America's Fortune 500 companies. That means a lot of disruption.

"It impacted quite a few users," he said of the morning's attack.

The level of disruption caused was hard to gauge, but Dyn provides internet traffic optimization to some of the biggest names on the web, including Twitter, Netflix and Visa.

According to published reports, Twitter, Airbnb, Netflix, Amazon and Spotify were among the sites that appeared to be affected.

"Uh oh, we're having some issues right now and investigating," Spotify tweeted. "We'll keep you updated!"

They later tweeted that "everything should be back to normal."

Other sites, such as coder hangout GitHub, said they too were experiencing problems.

"A global event is affecting an upstream DNS provider," it said on Twitter. "GitHub services may be intermittently available at this time."

GitHub later tweeted: "The upstream DNS incident has been resolved. We continue to monitor our systems while they deliver a backlog of webhook events."

According to CNET, Twitter reported "various Twitter domains including twitter.com may have been inaccessible for users in some regions, due to failures resolving particular DNS hostnames."

For James Norton, the former deputy secretary at the Department of Homeland Security who now teaches on cybersecurity policy at Johns Hopkins University, the incident was an example of how attacks on key junctures in the network can yield massive disruption.

"I think you can see how fragile the internet network actually is," he said.

Security experts have recently expressed concern over increasing power of denial-of-service attacks following high-profile electronic assaults against investigative journalist Brian Krebs and French internet service provider OVH .

In a widely shared essay titled "Someone Is Learning How to Take Down the Internet," respected security expert Bruce Schneier said last month that major internet infrastructure companies were seeing a series of worrying denial-of-service attacks.

"Someone is extensively testing the core defensive capabilities of the companies that provide critical internet services," he said.

(TM and © Copyright 2016 CBS Radio Inc. and its relevant subsidiaries. CBS RADIO and EYE Logo TM and Copyright 2016 CBS Broadcasting Inc. Used under license. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.)

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.