Massive DDoS Attack On DNS Provider Dyn Slows Twitter, Amazon, Github To A Crawl
The outages seemed to mainly be concentrated around the northeastern United States, with another “hot pocket” of activity centered in Texas. Dyn posted a note to its website earlier this morning, writing:
Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.
Within two hours, Dyn was back with an update:
This attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue.
Another hour later, Dyn had completely restored service for all of its customers, both big and small. Again, the widespread slowdowns and outages was pretty localized, and Americans in the U.S. mid-section and west coast were largely spared.
Mikko Hypponen, Chief Research Officer for security research firm F-Secure, tweeted about the scope of the DDoS attack, writing:
Sites that use Dyn one way or another include Twitter, Reddit, Github, New York Times, Boston Globe... https://t.co/qaueh5U5ti
— Mikko Hypponen (@mikko) October 21, 2016
He also rather astutely pointed out that certain industries have plenty of redundancies built-in to mitigate this type of service interruptus:
At this time, there are no leads as to where the attacks originated or why they were carried out in the first place. However, we're certain that we'll hear more as Dyn begins the investigative process into attack.#DDoSfacts pic.twitter.com/PfCvVvchjh
— Mikko Hypponen (@mikko) October 21, 2016