A number of websites, including Twitter, SoundCloud, Spotify and Github, were down this morning, apparently due to a DDOS attack on the DNS provider Dyn that mostly affected the East Coast of the country. Dyn now says, "Services have been restored to normal as of 13:20 UTC" (9:20 a.m. EST/6:20 a.m. PST).
Earlier, the provider said, "Starting at 11:10 UTC [7:10 a.m. EST / 4:10 a.m. PST] on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available," and then updated, "This attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue."
@PlayStation your site says that everything is in tip top shape, when in fact it's not for thousands of gamers. Wake up and do something!!!! pic.twitter.com/RZKSNSS0iT
— Jeffrey Carias (@opmthedrug) October 21, 2016
Uh oh, we’re having some issues right now and investigating. We’ll keep you updated!
— Spotify Status (@SpotifyStatus) October 21, 2016
As Gizmodo explains, "Domain Name Servers (DNS) act as the Internet’s phone book. Basically, they facilitate your request to go to a certain webpage and make sure you are taken to the right place. If the DNS provider that handles requests for Twitter is down, well, good luck getting to Twitter. Some websites are coming back for some users, but it doesn’t look like the problem is fully resolved."
Sites ranging from IHeartRadio, Airbnb and the NY Times to Wired, Reddit and Etsy suffered outages.
Update: A second round of outages among the same sites swept the West Coast later this morning. From Dyn, the DNS provider that was the target of the original attack: "As of 15:52 UTC [11:52 a.m. EST / 8:52 a.m. PST], we have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue."
The issue is still being mitigated but appears mostly resolved, with Twitter, for example, back up after an outage for West Coast users.
FBI's #FOIA reading room website subject to DNS attack pic.twitter.com/oPY6fhsqRu
— Jason Leopold (@JasonLeopold) October 21, 2016
Wired points out that Dyn’s principal data analyst Chris Baker wrote a blog post just yesterday titled "Recent IoT-based Attacks: What Is the Impact On Managed DNS Operators?" There, Baker writes, "As the Internet grows to support more people and societal functions its perceived criticality increases, but its core architecture remains designed for openness and not security." So it would seem.
Update: In the wake of the attack, Kyle York, Dyn’s chief strategist, told the New York Times that “The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise.” Yet "This was not your everyday DDoS attack," York added. "The nature and source of the attack is still under investigation.” Dyn is working with law enforcement officials, York says, to ascertain what that nature and source might be.