A distributed-denial-of-service (DDoS) cyberattack targeted towards the servers of major DNS provider Dyn has reportedly left a slew of websites – including Twitter, Reddit, Spotify and – offline for web users in the US.
DNS, or Domain Name Servers, are vital for browsing the internet normally, essentially acting as the equivalent of a phone book by maintaining a full directory of domain names and IP addresses.
On 21 October, as users started to report major issues reaching popular websites, Dyn posted a security update to its website: Starting at 11.10am UTC on 21 October 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure.
Some customers may experience increased DNS query latency and delayed zone propagation during this time. This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our engineers are continuing to work on mitigating this issue. Dyn said that services are now being restored.
According to Gizmodo, users have reported issues with websites such as Etsy, Box, GitHub, The Verge, Wired, Pinterest, Storify and Squarespace. On its website, Dyn notes its full range of high-profile customers, including BT, CNBC and D-Link.
In a statement posted on HackerNews, a representative from GitHub said: Were monitoring an incident with our upstream DNS provider. A global event is affecting an upstream DNS provider. GitHub services may be intermittently available at this time.
Additionally, a notice on the monitoring website of Amazon Web Services said: We have identified the root cause of the issue causing errors resolving the DNS hostnames used to access some AWS services in the US-EAST-1 Region, and are currently working to resolve.
Richard Meeus, vice president of technology (EMEA) at security firm NSFOCUS, believes that DNS has often been neglected when it comes to cybersecurity. This attack highlights how critical DNS is to maintaining a stable and secure internet presence, he suggested.