What happened to the Internet last week -- and why it matters


WASHINGTON, DC — Somebody finally did what Internet experts have been fearing for years.

That somebody was able to manipulate millions of Internet-connected dumb devices, like surveillance cameras and DVRs, possibly by getting into their automatic software updates or simply by guessing the devices' default passwords. Once that password is known — most are never changed, and some may even be hard-coded so they can’t be — virtually all the devices of that type can be accessed and turned into bots.

Then at a predetermined time, all the devices sent pings over the Internet to one of the largest address look-up sites. What’s a look-up site? Whenever we surf to a website, our browser quickly and invisibly connects to an address look-up site, known as a domain name server, to convert what we typed in, say www.ABCNews.com, into a long numeric address that is necessary to route you to the right place. But when the botnet flooded the address look-up site with data in what’s known as a distributed denial of service (DDoS) attack, nobody else could get through to it. Thus, when people tried to connect to some websites, nothing happened. The websites themselves were fine, but users couldn’t get to them.

Most people’s eyes glazed over when they read news stories last week about something happening to the Internet. One reason for that reaction was that the news accounts were filled with terms like “Domain Name System,” “distributed denial of service” and “the Internet of things” or, even worse, their abbreviations: DNS, DDoS and IoT. In this case, the IoT DDoS-ed the DNS.

Whatever was going on, it did not seem to affect our lives, or if it did, only as a small annoyance. Should we have paid more attention? I think so, and here is why:

There had been lots of these denial of service attacks before, but this one and a few others recently took advantage of the rapidly increasing number of insecure, dumb devices connected to the Internet. Experts estimate there will be 50 billion such devices within five years, and few of them can ever be made secure. With that many easily hacked devices out there, these denial of service attacks could become frequent and common — especially after the source code for a large botnet, called Mirai, was released online a few days ago. Analysts say Mirai was used in last week’s attack.


The other truly disturbing aspect of these new attacks was that they went after the address look-up system, which is insecure and vulnerable. Going after this Achilles’ heel of the Internet works to block traffic even if the websites have been made very secure from hacking.

[ABC News consultant Richard Clarke is a former White House official who served as the senior cyber policy adviser for Bill Clinton’s and George W. Bush’s administrations. He has since consulted for private companies on cyber issues and is the author of the book “Cyber War: The Next Threat to National Security and What to Do About It.”]