Early this morning, a distributed denial-of-service, more commonly referred to as a DDoS, targeted internet company Dyn. The attack appears to have been a multipronged effort focused against Domain Name System (DNS) services from provider DynDNS and on Amazon Web Services (AWS). The website outages were intermittent. “We have now applied mitigations to all regions that prevent impact from third party DNS availability events”. The U.S. Department of Homeland Security is looking into this event and told CBS News it is “investigating all potential causes”. It will post an update when it knows more. Like others, Podesta is believed to have clicked on a rogue link in an email.
Advertisement
The DDoS attacked started late on Thursday night and knocked out service for United States citizens living on the East Coast. That is still ongoing, affecting sites across the US.
However, the company detected another wave of DNS attacks just before noon and acknowledged that the problem was not yet solved.
Service providers including Comcast, Cox, Time Warner Cable and AT&T were also affected.
DDoS attacks have seen a notable increase in recent times, with reports indicating a rise of 125 percent between 2015 and 2016. In the process, sites like Reddit, PayPal, and Github have been affected. While AWS was working to resolve the issue, it said customers could expect failure indicating “hostname unknown” or “unknown host exception”.
Service to Twitter, however, remained sporadic in parts of the USA during the afternoon of October 21.
Services such as Sony’s PlayStation Network are also under attack. In that case, someone hijacked unprotected Internet-connected devices like webcams to bombard his site with record levels of traffic.
There’s no evidence that the Dyn attacks are centered on the same tool known as MIrai, but Cunningham thinks it’s possible, given the size.
“Consequently, the DNS servers and other critical infrastructure supporting the global internet have always been tantalising targets to malicious adversaries intent on disrupting services”.
Advertisement
Doug Madory, a researcher at Dyn, talks about BGP hijacking at a meeting of the North American Network Operators Group.
