DYN DDoS Attack Takes Down Twitter, Amazon, Netflix

Amazon, Twitter, Github, Spotify, Netflix, Etsy, Reddit, and other major websites were disrupted today by a wide-spread distributed denial of service (DDoS) attack. The criminals targeted the servers of Dyn, a major DNS host. The company immediately responded with this announcement:

Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.

This attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue.

A domain name server (DNS) acts as a directory service for the internet. It helps direct traffic by translating user-friendly web addresses, like “google.com,” into their associated IP addresses. Distributed Denial-of-Service (DDoS) attacks involve multiple compromised, remotely-controlled computer systems overloading a target with too much activity. This causes the system to move considerably slower or shut down entirely.

This means, legitimate traffic can no longer access company websites or services. Intruder-controlled computers are called zombies or bots. A grouping of zombie computers or bots is referred to as a zombie army or botnet. In this case, hackers are overwhelming Dyn’s servers with unusable data and repetitive load requests, which prevents useful data from getting through.

No group has risen to take ownership of the DDoS attack yet. Eric Geller, cybersecurity reporter for Politico, reports from a briefing with White House Press Secretary Josh Earnest that the Department of Homeland Security is watching and evaluating the attack.

At briefing just now, @PressSec said DHS was monitoring the Dyn DDoS. pic.twitter.com/mSJ0TA0oCC

— Eric Geller (@ericgeller) October 21, 2016

Earlier, Dyn stated that “Services have been restored to normal as of 13:20 UTC.” Within hours, the attack began again and sites went back down. According to readers of Gizmodo, this is a list of websites affected by the DDoS attack:

• ActBlue
• Ancersty.com
• Atom.io
• Basecamp
• BBC
• Big cartel
• Box
• Business Insider
• Cleveland.com
• CNN
• ConstantContact
• Credit Karma
• Dailynews.com
• Disqus
• donorschoose.org
• Elder Scrolls Online
• Etsy
• Eve Online
• Eventbrite
• Fox News
• Genonebiology.com
• Github
• Grubhub
• Guardian.co.uk
• HBO Now
• Iheart.com (iHeartRadio)
• Imgur
• Indeed.com
• Intercom
• Intercom.com
• Mashable
• Netflix
• New York Times
• NHL.com
• Okta
• PayPal
• People.com
• Pinterest
• Playstation Network
• Recode
• Reddit
• Shopify
• Soundcloud
• Spotify
• Squarespace Customer Sites
• Starbucks rewards/gift cards
• Storify.com
• The Verge
• Time.com
• Twillo
• Twitter
• Urbandictionary.com
• Weather.com
• Weebly
• Wikia
• Wired.com
• Wix Customer Sites
• WSJ.com
• Wufoo.com
• Xbox.com
• Yammer
• Yelp
• Zendesk.com
• Zoho CRM

As of Friday afternoon, the attack persists and officials continue to investigate. Keep an eye on updates as DNS Status provides them for any resolution to this DDoS attack.

Contact us to learn more about secure remote access software.