SAN FRANCISCO (CBS SF) – Homeland Security officials were investigating a series of Friday cyber attacks that have caused a wave of disruption of service to San Francisco-based Internet giants Twitter, Pinterest and Airbnb among other digital companies.
The series of far-reaching cyber attacks crippled some of Silicon Valley’s biggest companies.
Bay Area-based companies including Netflix and Reddit have also been impacted by the attacks. Many internet-based companies were disrupted for most of the day.
One attack after another kept the Department of Homeland security busy.
The attacks began shortly after 7 a.m. on the East Coast. After about two hours, the sites were back online, but then a second wave of attacks just before noon, around the same time the White House briefing got underway.
“I don’t have any information to share about who may be responsible for that malicious activity,” said White House Press Secretary Josh Earnest.
And getting that answer is complicated, because the attacks are coming from millions of IP addresses at the same time.
“Your computer, your router, your smart tv, even security cameras; anything connected to the Internet, they may have hacked it, said CNETs Laura Hautala. And now they’re using it as part of their network to attack these websites.”
The attack appears to have targeted New Hampshire-based DYN Inc, a major internet management firm that provides services to scores of websites.
Someone unleashed a Denial of Service attack, which simulates a flood of bogus traffic that overwhelms servers, affecting the internet’s central directory.
Members of a shadowy hacker collective that calls itself New World Hackers claimed responsibility for the attack via Twitter, although their assertion couldn’t be verified. They said they organized networks of connected “zombie” computers that threw a staggering 1.2 terabits per second of data at the Dyn-managed servers.
“We didn’t do this to attract federal agents, only test power,” two collective members who identified themselves as “Prophet” and “Zain” told an AP reporter via Twitter direct message exchange. They said more than 10 member participated in the attack. It was not immediately possible to verify the claim.
Dyn officials said they did not know who was behind the attacks or if they were orchestrated by a state-backed group or online activists or pranksters. They said they have received no claim of responsibility, but are working with law enforcement.
The collective, @NewWorldHacking on Twitter, has in the past claimed responsibility for similar attacks against sites including ESPNFantasySports.com in September and the BBC on Dec. 31. The attack on the BBC marshalled half the computing power of Friday’s onslaught.
The collective has also claimed responsibility for cyber attacks against Islamic State. The two said about 30 people have access to the @NewWorkdHacking Twitter account. They said 20 are in Russia and 10 in China. “Prophet” said he is in India. “Zain” said he is in China. The two claimed to be taking “good actions.”
For James Norton, the former deputy secretary at the Department of Homeland Security who now teaches on cybersecurity policy at Johns Hopkins University, the incident was an example of how attacks on key junctures in the network can yield massive disruption.
“I think you can see how fragile the internet network actually is,” he said.
Dyn officials said attacks stemmed from tens of millions of devices connected to the internet — closed-circuit video cameras, digital video recorders and even thermostats — that were infected with malware. Attacks came in waves and from IP addresses from around the world, shifting geographically.
“It is a very smart attack. As we start to mitigate they react and start to throw something that’s over the top,” Kyle York, chief strategy officer of Dyn, on a call with reporters.
KPIX 5 security analyst and former FBI special agent Jeff Harp said attacks like this will only escalate.
“I mean, there’s certainly groups out there that are certainly more savvy at doing this than others,” said Harp. “But I think as time goes on, we’re going to see more of this happening.”
Fortunately, there are small steps you can take to protect yourself, starting with your router.
“Just download the firmware and pick a different frequency. That’s good practice,” said Harp. And I never use the same password for all my different devices.”
Security experts have recently expressed concern over increasing power of denial-of-service attacks following high-profile electronic assaults against investigative journalist Brian Krebs and French internet service provider OVH .
In a widely shared essay titled “Someone Is Learning How to Take Down the Internet,” respected security expert Bruce Schneier said last month that major internet infrastructure companies were seeing a series of worrying denial-of-service attacks.
“Someone is extensively testing the core defensive capabilities of the companies that provide critical internet services,” he said.
TM and © Copyright 2016 CBS Radio Inc. and its relevant subsidiaries. CBS RADIO and EYE Logo TM and Copyright 2016 CBS Broadcasting Inc. Used under license. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.