A series of denial of service attacks on a major DNS provider spanning all of Friday has caused major issues across the internet, with outages of some of the largest sites and services experienced across about half of the U.S. — and now the Department of Homeland Security is getting involved.
Starting early Friday, assailants launched a massive distributed denial of service (DDoS) attack on DNS provider Dyn's servers. Major sites like The Verge, HBO Now, CNN, Imgur, PayPal, and Reddit are all affected to some extent.
A new wave of attacks has brought down the websites for the New York Times, CNN, Netflix, Twitter, and the PlayStation Network, among many others. Amazon is experiencing some outages as well, but at this time it is not clear if the problems stem from the DDoS attack on Dyn.
Starting at about 11 a.m. eastern time, the attacks abated somewhat, and were mitigated by Dyn's countermeasures. However, at 12:20 p.m. eastern time, the attackers renewed the assault, expanding the outages beyond just England and the east coast of the U.S. to a large portion of California and Texas.
"Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States," Dyn executive vice president of products Scott Hilton said in a statement Friday morning. "We have been aggressively mitigating the DDoS attack against our infrastructure."
AppleInsider has learned that the U.S. Department of Homeland Security is "monitoring the situation" and the agency is "investigating all potential causes" of the outages.
Dyn provides domain name services (DNS), resolving plain site names, like www.appleinsider.com, to the IP addresses that are required for content delivery. A sufficiently large DDoS attack on the DNS servers for a website prevents requests to that website from completing.
The attack is aggravated by users continuing to hammer refresh following an unsuccessful load of a webpage.
The vector of attack is not yet known. Hackers recently commandeered a network of surveillance cameras to perform a DDoS attack. The reasons for the assault and the perpetrators are also not yet known.
31 Comments
Any affected site's IT team should take a lesson from this. While DNS may be a distributed system, and while there may be special DDoS systems to respond to such attacks, spreading your DNS configuration across *multiple DNS providers* is a sure-proof way to minimize any attack. Having authoritative nameservers at multiple providers. Easy to set up and manage, and gives tremendous redundancy.
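An added example, not part of the comment above or of the original article: a check a site's IT team could run over its own zones to see whether every authoritative nameserver sits with one DNS provider. The zone names, nameserver hostnames and the "last two labels identify the provider" rule are assumptions made for this sketch; the rule misgroups hosts under multi-label suffixes such as co.uk.

```python
from collections import defaultdict

# Constructed sample: answer lines in the format printed by
# `dig NS <zone> +noall +answer` (all names are made up).
SAMPLE_NS_ANSWERS = """\
shop.example.   86400 IN NS ns1.dns-provider-a.example.
shop.example.   86400 IN NS ns2.dns-provider-a.example.
shop.example.   86400 IN NS ns3.dns-provider-a.example.
news.example.   86400 IN NS ns1.dns-provider-a.example.
news.example.   86400 IN NS ns2.dns-provider-a.example.
news.example.   86400 IN NS a.ns.dns-provider-b.example.
news.example.   86400 IN NS b.ns.dns-provider-b.example.
"""

def provider_of(nameserver):
    """Heuristic (assumption): the last two labels of the NS host name the operator."""
    labels = nameserver.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])

def parse_ns_answers(text):
    """Return {zone: set of nameserver hostnames} from dig-style answer lines."""
    zones = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        # Expected layout: owner TTL class type rdata. Skip comments and short lines.
        if len(fields) != 5 or line.lstrip().startswith(";"):
            continue
        owner, _ttl, rclass, rtype, rdata = fields
        if rclass.upper() == "IN" and rtype.upper() == "NS":
            zones[owner.rstrip(".").lower()].add(rdata.rstrip(".").lower())
    return dict(zones)

def audit(text):
    """Return {zone: {"providers": {provider: server_count}, "single_provider": bool}}."""
    report = {}
    for zone, servers in parse_ns_answers(text).items():
        counts = defaultdict(int)
        for ns in servers:
            counts[provider_of(ns)] += 1
        # One provider means one provider-wide outage takes the zone offline.
        report[zone] = {"providers": dict(counts), "single_provider": len(counts) == 1}
    return report

if __name__ == "__main__":
    for zone, result in sorted(audit(SAMPLE_NS_ANSWERS).items()):
        status = "SINGLE PROVIDER" if result["single_provider"] else "ok"
        print(f"{zone}: {result['providers']} -> {status}")
```

Several nameservers at the same provider do not count as redundancy here: the check flags a zone whenever all of its NS hosts map to one operator.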
I assumed it was the Russians.