This morning, as thousands of people woke up and started their daily routines, they found that it had been disrupted. Those who like to lie in bed scrolling through Twitter before getting up found that they couldn’t access the social media platform. Meanwhile, people who like to listen to Spotify (News - Alert) on their way to work were unable to do so. Why? It turns out that there was a sweeping outage of DNS provider Dyn as a result of a DDoS attack.
Distributed Denial of Service (DDoS) attacks are a type of DOS attack where multiple compromised systems, which are often affected by a Trojan, are used to target a single system. This is what ultimately causes the denial of service.
According to Dyn (News - Alert), the company started monitoring and mitigating the DDoS attack against its Dyn Managed DNS infrastructure today at 11:10 UTC. As a result, some customers experienced increased DNS query latency and delayed zone propagation. The company found that the attack had mainly impacted Managed DNS customers on the East Coast of the U.S.
Earlier today, Hacker News found that several sites had been affected by this attack. Some popular sites that were down included DYN, Twitter, Etsy, Github, Soundcloud, Spotify, Heroku, Pagerduty, Shopify, Box (News - Alert), Boston Globe, New York Times, Airbnb, Reddit, Freshbooks and Iintercom (the app, not the landing page).
Thankfully, the issue was resolved and services were restored to normal earlier in the day. The attack, while inconvenient, doesn’t seem to be detrimental, especially because the sites were not down for too long.
However, this incident just reinforces the fact that hackers and virtual attacks are no laughing matter. People have a tendency to think that they’re safe all the time, and that it will never happen to them. Well, today it happened to Dyn, and thousands of users were affected because they were unable to use certain sites. Again, an attack like this could have been worse if the people behind it had targeted some bigger sites. A user being unable to read tweets in the morning isn’t nearly as detrimental as some other scenarios could have been.
In the end, we should be thankful that Dyn’s engineers were able to locate the problem and resolve the issue in a timely manner. But, having solid security in place is a must for companies who want to do everything they can to prevent attacks from occurring. Without the proper programs and preventions in place, incidents like the SWIFT hack or the Yahoo hack will become more prominent.