Twitter, Spotify And Other Major Sites Disrupted By DDoS Attack On Dyn DNS

Twitter, Spotify and Reddit suffered outages, mainly on the US East Coast, following a distributed denial of service (DDoS) attack on the domain name servers (DNS) covering the New Hampshire region.

The attack was made against DNS host provider Dyn, which provides a traffic routing service for the sites.

Dyn’s executive vice president of products confirmed the attack had taken place: “This morning, October 21, Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States.

DNS traffic resolved from east coast name server locations are experiencing a service degradation or intermittent interruption during this time. Updates will be posted as information becomes available.”

DDoS on Dyn DNS

The DDoS appears to have taken place 11:10 UTC but Dyn claims its services to the US East Coast are not back up and running and it is monitoring the situation for further disruption.

It is unknown who was responsible for the attack though Dyn said it is investigating the situation.

The attack has affected numerous web-based companies and even had Amazon Web Services (AWS) investigating “elevated errors resolving DNS host names used to access some AWS services” within its US-EAST-1 region.

Normally, DDoS attacks are targeted against single sites for reasons that vary from the amusement of reprobate cyber groups through to the machinations of activists and groups such as Anonymous.

However, an attack against a DNS host service appears to be a change of tactics, causing disruption for some of the largest sites in the world as opposed just to taking one offline.

While the attack did not last long, many of these services rely upon near-constant up-time in order to keep their users happy, So DNS disruption can come as quite a blow.

Dave Larson, COO and CTO, Corero Network Security, noted the potential severity of such DNS attacks.

“DDoS attack targeted specifically against Domain Name Service Providers can be especially damaging – not only for the intended victim – but from the perspective that there will also be significant collateral damage,” he said.

“A DDoS attack, regardless of the vector or technique utilised, against a DNS operator targeting a domain or group of domains can effectively shut down service to that domain, as well as any other domains serviced in a particular region.

“Innocent bystanders are immediately impacted until the attack subsides or a resolution is put into place. DNS providers are central to the operation of the Internet and must consider DDoS attacks as a critical availability issue and maintain automated mitigation techniques in order to protect their customers from this breed of attack.”

While DDoS attacks are the cyber equivalent of taking a sledgehammer to a pane of glass in terms of sophistication, they are nevertheless a challenging area for online companies to tackle particularly in the UK which comes under bombardment from DDoS activity. But there are ways to tackle these attacks with a bit of savvy thinking and action.

Quiz: What do you know about cybersecurity in 2016?