In a move that appears to have been as much of a surprise for folks at Oracle as for anyone else, Dyn — the commercial DNS provider whose name entered the general public’s vocabulary last October, as the target of a massive distributed denial-of-service attack — has agreed to be acquired by Oracle for an undisclosed sum.
Dyn’s principal service is its Internet Performance Management (IPM) platform, which offers large customers with global data center presence a means of dynamically steering their users to the most accessible points of presence. Think of it like load balancing at a deeper level of infrastructure, and either a complement or an alternative to a CDN.
But for general consumers, Dyn also operated a service for routing remote devices for browser accessibility — for example, letting a user directly access a video feed from the security camera on her front porch, from any other browser. DynDNS makes components of a home network accessible from a Web address associated with one of Dyn’s own domain names.
Looking through today’s presentation material Oracle compiled for investors [PDF], it’s clear that DynDNS was not the service that made Dyn appealing to Oracle. Rather, Oracle perceives DNS management as a competitive alternative to CDN, giving its cloud services platform a value-add that other CSPs may not be able to match.
“While Oracle already offers enterprise-class IaaS and PaaS for Internet applications and cloud service,” wrote Dyn’s Chief Strategy Officer Kyle York, in a company blog post this morning, “Managed DNS and its corresponding value added services are critical core components of being a full-stack cloud platform provider. Adding Dyn’s best-in-class DNS solution to Oracle cloud will provide enterprise customers a one-stop shop for infrastructure services.”
It was Dyn’s consumer services that put its entire network in jeopardy last October, along with measurably slowing down the entire Internet worldwide. As security journalist Brian Krebs was among the first to report, an open source strain of malware dubbed Mirai had targeted particular Internet of Things devices, especially cameras and DVRs.
Those video devices included embedded firmware manufactured by Hangzhou XiongMai Technologies, which for one reason or another, hard-coded the default administrator password in the devices’ firmware. Even for users who had followed instructions and changed their passwords, the default admin password was still operable.
That enabled the malware to flash the firmware with instructions making them into launch points for attacks on Dyn’s servers. GitHub, Netflix, Reddit, SoundCloud, Spotify, Twitter, and major news sites such as CNBC experienced significant slowdowns as a result. Even some access to Amazon AWS became limited, although Amazon utilized backup DNS servers — a safety contingency evidently not all providers consider.
The only viable reason Dyn may have been the final target for the malware attack was to demonstrate the fragility of the Internet, when enough pressure is applied to a single point.
Nonetheless, the negative association that resulted from the attack in the popular press ended up casting Dyn in a dark light along with the fragility of Internet security as a whole, the uncertainty about IoT standards, and even the last set of election results. Although Dyn is not a publicly traded company, its growth plans may have been dependent on extending the trust it had attained with its existing customer base.
The underlying message in Oracle’s requisite FAQ document [PDF] following today’s merger announcement was, don’t ask so many questions. Both companies will continue to operate independently for their respective services. But beyond that, the FAQ did not say much more, besides providing a link back to the document which linked to the FAQ.
The deal will be subject to regulatory approval, which may not be forthcoming in the wake of staff changes at federal agencies.