A distributed denial of service attack on Dynamic Network Services, otherwise known as Dyn, in October 2016, led to the company losing a considerable amount of business, according to data from the security services company BitSight.
A report at the Security Ledger website said while Internet users endured short-term pain because they were cut off from popular websites during the attack, the company, Dyn, lost the business of about 8% of the domains — about 14,500 — it was hosting shortly thereafter.
This figure was based on statistics in a talk given on 24 January by Dan Dahlberg, a research scientist at BitSight Technologies in Cambridge, Massachusetts.
Dyn is based in Manchester, New Hampshire. It was recently bought by Oracle Corporation.
During the outage, Dyn was targeted by hackers who are said to have used digital video recorders and security cameras which were compromised by malware known as Mirai and used to form a massive botnet.
The first attack, on 21 October 2016 US time, began at 7.10am EDT (10.10pm AEDT) and, once this was resolved by Dyn, further waves caused disruptions throughout the day.
While major US websites like Twitter, Spotify, Netflix and Paypal were disrupted, the application performance management software company Dynatrace said that Australian websites were affected as well.
Among the Australian sites that took a hit, Dynatrace listed AAMI, ANZ, BankWest, Coles, The Daily Telegraph, Dan Murphy’s, ebay, HSBC, The Herald Sun, NAB, 9News, The Age, Ticketmaster, The Australian, Woolworths, The Sydney Morning Herald, and Westpac.
BitSight provides security rating services for companies. It analysed 178,000 domains that were hosted on Dyn’s managed DNS infrastructure before and after the attacks; of these 145,000 used Dyn exclusively, while the remaining 33,000 used Dyn and others too.
After the attack, according to Dahlberg, 139,000 of the 145,000 domains managed exclusively by Dyn continued to use its services, a loss of 4% or 6000 domains. Among domains that used Dyn and other providers as well, there was a loss of 8000 domains, or 24%.
Security Ledger said it had tried to get a comment from Dyn but was refused one.
It is not clear whether any of the 14,500 domains that were found not to be using Dyn’s services in the aftermath of the attack returned to the provider.