DYN Restores Service after DDoS Attack Downed Twitter, Spotify, Others

UPDATED 21/10/2016 11:15 EDT DYN has restored service after a distributed denial-of-service (DDoS) attack against its DNS infrastructure took down Spotify, Twitter, and a host of other sites. The internet performance management company published a statement on its status page explaining that a DDoS attack was responsible for the service interruption:

"Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available."

https://twitter.com/Dyn/status/789444349998268416 DNS, otherwise known as Domain Name System, is an essential feature of the web. It translates easily readable domain names like "tripwire.com" into numeric addresses at which websites and other Internet services are based. An event that targets DNS infrastructure can degrade that domain translation process and cause sites to suffer connectivity issues or service interruptions. That's exactly what happened with this attack. At about the same times as the DDoS campaign began, Hacker News users began reporting issues with the following sites:

• Etsy
• Github
• Heroku
• Intercom
• Pagerduty
• Shopify
• Soundcloud
• Spotify
• Twitter

DYN has neither confirmed that the attack specifically affected those websites listed above nor provided additional details about the attack, such as the peak size of the DDoS traffic. But approximately an hour and a half after the company began investigating the issue, it did post the following update:

"This attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue."

Less than an hour after that, DYN confirmed it had resolved the issue. https://twitter.com/Dyn/status/789462510562836480 The attack against DYN's DNS infrastructure might be over. But Richard Meeus, of the internet security firm NSFOCUS, feels that the DDoS campaign still points to a larger issue facing companies today. As he told the Inquirer:

"DNS has often been neglected in terms of its security and availability from an enterprise perspective," Richard Meeus, of the internet security firm NSFOCUS, told the Inquirer. "This attack highlights how critical DNS is to maintaining a stable and secure internet presence, and that the DDoS mitigation processes businesses have in place are just as relevant to their DNS service as it is to the web servers and data centers."

Businesses need to take that step and invest in anti-DDoS solutions. For recommendations on how your organization can protect against a DDoS campaign, click here.