Web service provider Dyn said Saturday evening that a cyberattack that disrupted huge chunks of the Internet Friday is under investigation, and that the company is looking out for other digital assaults.
The attack, which Dyn said had been resolved, was notable because the firm says the attackers used an emerging form of malware called “Mirai” to hijack everyday items such as security cameras and DVRs that were connected to the Internet. The attack also highlighted how targeting just one company could create havoc across the Web.
“The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and Internet locations,” Kyle York, chief strategy officer of the New Hampshire-based company, wrote in a blog post.
Dyn said it is monitoring for signs of additional attacks. It is still unknown who was behind the attack. The U.S. government is also investigating the incident.
The digital assault began Friday morning, when the firm’s systems were overwhelmed with huge amounts of traffic in what is commonly known as a distributed denial of service, or DDoS attack. The attack came in waves throughout Friday and the effects appeared to have continued into Saturday.
Dyn is a major provider of domain name system, or DNS, services — a key piece of Internet infrastructure that enables users to connect to websites. Many users around the world had trouble accessing popular services including Twitter, Paypal and Netflix during the attacks.
DDoS attacks have become more frequent and more powerful in recent years, but York called the cyberattacks that hit Dyn potentially “historic.” Traffic from tens of millions of IP addresses — some of which came from Internet of Things devices — blasted the company’s systems, he said.