Talk:DDoS attacks on Dyn

This is the talk page for discussing improvements to the DDoS attacks on Dyn article. This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic. New to Wikipedia? Welcome! Learn to edit; get help. Assume good faith Be polite and avoid personal attacks Be welcoming to newcomers Seek dispute resolution if needed Article policies Neutral point of view No original research Verifiability

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

A news item involving DDoS attacks on Dyn was featured on Wikipedia's Main Page in the In the news section on 23 October 2016.

This article is rated C-class on Wikipedia's content assessment scale.
It is of interest to the following WikiProjects:Computer Security: Computing Mid‑importance

	This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles
Mid	This article has been rated as Mid-importance on the project's importance scale.
	This article is supported by WikiProject Computing.
Things you can help WikiProject Computer Security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Computing: Networking / Software / Websites High‑importance

	This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
High	This article has been rated as High-importance on the project's importance scale.
	This article is supported by Networking task force (assessed as Mid-importance).
	This article is supported by WikiProject Software (assessed as Mid-importance).
	This article is supported by WikiProject Websites (assessed as Mid-importance).

Crime and Criminal Biography Low‑importance

	This article is within the scope of WikiProject Crime and Criminal Biography, a collaborative effort to improve the coverage of Crime and Criminal Biography articles on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Crime and Criminal BiographyWikipedia:WikiProject Crime and Criminal BiographyTemplate:WikiProject Crime and Criminal BiographyCrime-related articles
Low	This article has been rated as Low-importance on the project's importance scale.

Europe Low‑importance

	This article is within the scope of WikiProject Europe, an effort to build a comprehensive and detailed guide to European topics of a cross-border nature on Wikipedia.EuropeWikipedia:WikiProject EuropeTemplate:WikiProject EuropeEurope articles
Low	This article has been rated as Low-importance on the project's importance scale.

Internet Mid‑importance

	This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet articles
Mid	This article has been rated as Mid-importance on the project's importance scale.

United States Mid‑importance

	This article is within the scope of WikiProject United States, a collaborative effort to improve the coverage of topics relating to the United States of America on Wikipedia. If you would like to participate, please visit the project page, where you can join the ongoing discussions. Template Usage Articles Requested! Become a Member Project Talk Alerts United StatesWikipedia:WikiProject United StatesTemplate:WikiProject United StatesUnited States articles
Mid	This article has been rated as Mid-importance on the project's importance scale.

The following references may be useful when improving this article in the future: Hacked webcams that helped shut down the internet last week are being recalled by Ashley Carman on The Verge

Wikipedia:In_the_news/Candidates#Cyberattacks -- Zanimum (talk) 21:58, 21 October 2016 (UTC)[reply]

Anyone interested in a big overhaul of the structure of the article? Right now the Investigation section is a bit of a mess, I suggest we create three distinct sections: one providing some background on IoT-based attacks and Mirai; one with an analysis of the actual Dyn attack, its impact and size; one on further investigations on the perpetrators.--DarTar (talk) 02:41, 22 October 2016 (UTC)[reply]

http://www.channelnewsasia.com/news/singapore/starhub-fibre-broadband-service-outage-sparks-customers-ire/3227690.html A ISP in Singapore (Starhub) is also suffering similar DNS issues to the ones that had issues in DynDNS. There is no source for the DNS problems currently, but as I'm currently being affected by this issue, I am sure it is a DNS issue and sources will likely be published when the news hits the press in a few hours. Thus, I'd like to ask for this issue to be watched.

Edit: another source: https://www.facebook.com/StarHub/posts/10154723132242472 — Preceding unsigned comment added by Mount2010 (talk • contribs) 16:29, 22 October 2016 (UTC) -- Confirmed DDOS on DNS servers that may be related to the DynDNS DDOS, anyone knows if this is related? http://www.straitstimes.com/tech/starhub-broadband-disruption-due-to-spike-in-traffic-that-jammed-its-domain-name-servers Mount2010 (talk) 15:14, 25 October 2016 (UTC)[reply]

User:Doc Strange - there's a redirect (two in fact) for the group which targets this article. It was formerly to the section "Perpetrators" but now to the top of the article. MOS says to either bold or italicise per least astonishment. In the lead always seems a better location for bold, but I've left as italics for now. It's a R with possibilities. Widefox; talk 21:02, 22 October 2016 (UTC)[reply]

Okay. Didn't know that. Doc Strange^MailboxLogbook 21:12, 22 October 2016 (UTC)[reply]

User:Brandmeister per MOS:BOLD "To follow the "principle of least astonishment" after following a redirect...", WP:R#PLA "article or section to which the redirect goes. It will often be appropriate to bold" Widefox; talk 12:14, 30 October 2016 (UTC)[reply]

I've removed the boldface and the invisible comment. Using boldface where a section is dedicated to a subtopic is fine with me, but having the redirect be bolded in the target in this situation is unhelpful. The group is only mentioned once, not the topic of the section, and halfway through the sentence alongside names of other orgs. I don't think it was an aid to readers. MOS:BOLDREDIRECT doesn't explicitly say that what was done here is discouraged, buuut it seems like it would be. SWinxy (talk) 06:24, 14 April 2023 (UTC)[reply]

The three-part structure suggested above makes sense: botnet and techniques used - impacts - follow-up. The section on impacts is not currently well described, and in particular I'd question the use of a map relating to Level 3 (following its use on a couple of websites). Level 3 is just one Tier 1 network, so I'm not sure of its actual relevance - is it integral to Dyn's multicast network in some way? I noticed 99.7% packet loss to Dyn's servers from Europe and at one point the vast majority of ISPs servers all over the world had no cached records for twitter.com. So although it was stated in some news reports as mostly affecting eastern USA, this is doubtful. In other words, we need more expert reliable sources to explain if and why some regions were more affected. --Cedders^tk 21:48, 24 October 2016 (UTC)[reply]

Dear all,
The article does not explain, how/why the attack ended. Did the attackers stop it? Why? Or was it eventually fended off? How?
Thank you in advance for adding this information.
Yours, Ciciban (talk) 12:57, 15 November 2016 (UTC)[reply]

A reader contact the Wikimedia ( ticket:2017042310000168 ) to note that the incident associated with Education Quality and Accountability Office occurred on 20 October not 21 October. Unfortunately, the reference discussing the incident is dated 24 October and does not definitively identify the date of the attack (unless I missed it). The article does not mention Dyn. Unless someone can add corroborating evidence that it was associated with the Dyn attack, this may be a mere coincidence (or perhaps a trial run?). I plan to remove this entry on the sourcing can be found which clearly identifies this as a Dyn attack.--S Philbrick(Talk) 13:52, 29 April 2017 (UTC)[reply]

This site supports the claim that it occurred 20 October not 21 October, so I plan to remove it from the article.--S Philbrick(Talk) 16:47, 1 May 2017 (UTC)[reply]