Several major websites, including Amazon, Twitter, Spotify, Reddit, and more, were knocked out early Friday after apparent distributed denial of service (DDoS) attacks.
Gizmodo reported that Dyn, a DNS host, was investigating two separate attacks that caused huge outages and prevented customers from accessing a number of widely-used services. The initial attack started early Friday morning.
“Our engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure,” Dyn wrote on its status page just before 11 a.m. PT.
Amazon Web Services, for example, reported that connectivity problems “were caused by errors resolving the DNS hostnames for some AWS endpoints.”
Other companies also announced issues:
Uh oh, we’re having some issues right now and investigating. We’ll keep you updated!
— Spotify Status (@SpotifyStatus) October 21, 2016
The earlier issues have resurfaced & some people may still be having trouble accessing Twitter. We’re working on it! https://t.co/1soA6QV9mH
— Twitter Support (@Support) October 21, 2016
DownDetector revealed many more websites that had issues.
Corey Nachreiner, CTO at WatchGuard Technologies and GeekWire contributor, said much remains unknown about the attack, specifically its size or what types of devices are behind it.
“However, to me, the more interesting story is who/what these attackers have targeted. Typically, (a) DDoS attack target a single organization. In this case, however, the attackers targeted a service that plays a key part in the infrastructure of the internet, the Domain Name Service,” he said via email.
There are steps companies can play to defend against DDoS attacks, like cloud-based protection services. But in this case, with attackers going after a core part of internet operations versus a single organization, there is little that can be done by individual organizations to protect themselves.
Nachreiner noted that well-known security expert and cryptographer, Bruce Schneier, posted about “threat actors” practicing on taking down the Internet with DDoS attacks. “This sort of attack, which targets a key Internet service, lends some credence to Schneier’s post,” said Nachreiner.
The interruptions did perhaps lead to some productivity for some folks, though.
twiter was down for like 20 minutes this morning and in that time i wrote ten papers, read evrey book on my reading list, built a cupboard,
— jomny sun (@jonnysun) October 21, 2016
Even Mr. Robot chimed in.
— Mr. Robot (@whoismrrobot) October 21, 2016
DDoS attacks are typically caused by overloading a website’s server with excessive/fake requests. You can read more about DDoS attacks here. We’ll update this story as more information becomes available.
Here’s what Nachreiner had to say when we asked how organizations can mitigate the threats of DDoS attacks:
So how can a CTO prevent this against their organization? Well, that’s a somewhat complex problem. In the case of most direct DDoS attacks, which are flooding your infrastructure, I recommend some sort of cloud-based DDoS protection service. There are local DDoS protection appliances, but even they can become overwhelmed with the sheer scale of some of the DDoS attacks today (the latest allegedly reaching 1Tbps).
Cloud or hybrid DDoS solutions handle much of the attack up-stream, distributing some of the load through a large, distributed network, and blocking much of the traffic before it even reaches your gates. That said, today’s DDoS attack was not an attack on Netflix, Twitter, or others directly…
Rather it was an attack on a DNS service that plays a core role on the Internet. If the services you rely on to direct customers to your domain goes down, you can contact your DNS registrar to temporarily redirect your domain to another server until the other recovers. There is little we can do to protect against these services directly, because they are out of our direct control. In short, this is an industry problem. Critical service vendors, like DNS hosts, need to implement strong DDoS protection themselves, as they play a critical part in how the Internet works.