2 min read

DDoS attack against DNS provider knocks major sites offline

Graham CLULEY

October 21, 2016

Promo Protect all your devices, without slowing them down.
Free 30-day trial
DDoS attack against DNS provider knocks major sites offline

Web users are struggling to reach some of the world’s most well-known websites – including Twitter, Spotify, Github, Reddit and AirBnB – after the managed DNS service they use, Dyn, was hit by what appears to have been a significant distributed denial-of-service (DDoS) attack.

As we recently described on the Bitdefender Business Insights blog when discussing domain name hijacking, Domain Name System (DNS) records are what helps convert the human readable addresses you enter into your browser’s URL bar (eg. hotforsecurity.com) into a numeric IP address that the internet understands.

Specialist companies like Dyn look after the DNS records of websites but, if they suffer an outage, the impact can be seen across a wide number of sites.

github-status
Source: Twitter

Presently many of the reports of difficulties accessing sites are coming from users in the East coast of the United States, but it’s possible that other computer users are also experiencing problems getting to their favourite sites.

We don’t know how big the attack is against Dyn, but you would expect the company to have fairly robust defences to fend off these types of attacks. Consequently I would imagine it is quite a sizeable DDoS attack, but we don’t have the necessary information right now to confirm.

level3map
Source: thenextweb.com

If you are affected by the outage you might have more luck in reaching sites by using a VPN proxy, which can disguise your internet use to make it appear as though you are based in another part of the world.

Inevitably there will be speculation as to who is behind the attack and their motivation, but right now there doesn’t appear to be much in the way of facts to point fingers in any particular direction.

It is, however, another reminder of just how fragile the internet can be when faced by a major denial-of-service attack. Many companies would be wise not to treat DNS security and infrastructure as an afterthought, as if it suddenly disappears beneath you no-one will be able to get to your website anymore.

tags


Author


Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like

Bookmarks


loader