Believe it or not: Minecraft players caused several large retailers and social media sites to be taken offline.

Believe it…gamers denied retailers thousands of pounds of revenue

The Dyn Attack: The Day the Internet Broke

On October 21, 2016, a massive DDoS attack targeted Dyn, a major DNS (Domain Name System) provider. DNS acts like the internet’s address book, translating domain names (like example.com) into IP addresses that computers can understand. When Dyn went down, so did access to many popular websites like Twitter, Reddit, Netflix, Spotify, and Amazon

For many users in the US and Europe, it seemed as though “the internet was broken.”

How It Happened

The attackers used a botnet called Mirai, which was made up of millions of compromised Internet of Things (IoT) devices like smart cameras, routers, and DVRs. These devices were infected with malware and turned into “zombies” that could be remotely controlled by the attackers.

For many users in the US and Europe, it seemed as though “the internet was broken.”

Why IoT Devices?

IoT devices often have weak security, with default usernames and passwords that users don’t change. The Mirai malware scanned the internet for vulnerable devices, infected them, and added them to the botnet.

Once the botnet was large enough, the attackers launched an enormous flood of traffic at Dyn’s DNS servers. The servers became overwhelmed, effectively making the websites they supported unreachable.

For many users in the US and Europe, it seemed as though “the internet was broken.”

The Scale

The attack generated traffic levels estimated to exceed 1.2 terabits per second, one of the largest DDoS attacks ever recorded at the time.

Who Was Behind It?

The Mirai botnet’s creators were later identified as three college students in the US. They created the botnet to gain an advantage in Minecraft server hosting by taking down competitors. However, they released the Mirai source code online, allowing other hackers to use it, leading to attacks like the one on Dyn.

Lessons Learned

  1. IoT Vulnerabilities: The attack highlighted the dangers of insecure IoT devices, sparking a global conversation about improving IoT security standards.
  2. DNS as a Single Point of Failure: The attack revealed the dependency the internet has on DNS providers and encouraged diversification and stronger protections.
  3. The Scale of Threats: It demonstrated how even “low-tech” devices could be weaponized in cyberattacks, foreshadowing future large-scale DDoS incidents.

The Dyn attack remains a stark reminder of how fragile the internet can be when critical infrastructure is targeted, especially with the growing number of interconnected devices.

Latest Post

recyber logo_female2
Products
  • Republic
  • Services
Contact Us
Newsletter
Get exclusive deals by signing up to our Newsletter.
Follow Us On LinkedIn
© Recyber Opco Ltd, 2025. Registered in England - Company number 15294137