AREAS AFFECTED BY THE OUTAGE / 21 OCT 2016 – Source: Level3 Outage Map
Major internet sites were disrupted for several hours this morning as internet infrastructure provider Dyn reported it was under a cyberattack, mainly affecting traffic on the U.S. East Coast. Twitter, Spotify, Airbnb, Reddit, Visa and various media sites were among organizations whose services were reported to be down on Friday morning. Amazon also disclosed an outage that lasted several hours on Friday morning.
— Doug Madory, director of internet analysis at Dyn, in an email said: Dyn received a global DDoS attack on its Managed DNS infrastructure in the east coast of the United States. DNS traffic resolved from east coast name server locations experienced a service interruption during the attack. Updates will be posted as information becomes available. Services were restored to normal as of 13:20 UTC.
— Update: As of around 12 PM ET, Dyn reported that it is investigating another DDoS attack, and is continuing to attempt to “mitigate” the attack. Box, Twitter and other sites appear to be down again. The White House press secretary has also said that the Department of Homeland Security is investigating the attacks.
— Update from Dyn: "Our engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure."
— Gillian Christensen of the U.S. Department of Homeland Security says the agency is "investigating all potential causes."
— "The attack on DYN comes just hours after DYN researcher Doug Madory presented a talk on DDoS attacks in Dallas, Texas at a meeting of the North American Network Operators Group (NANOG)," says Brian Krebs whose own site recently underwent historic DDoS attack. "Madory's talk ... delved deeper into research that he and I teamed up on to produce the data behind the story DDoS Mitigation Firm Has History of Hijacks. ... I have no data to indicate that the attack on Dyn is related to extortion, to Mirai or to any of the companies or individuals Madory referenced in his talk this week in Dallas. But Dyn is known for publishing detailed writeups on outages at other major Internet service providers. Here's hoping the company does not deviate from that practice and soon publishes a postmortem on its own attack."
— Update, 3:50 p.m. ET: Brian Krebs reports: "Security firm Flashpoint is now reporting that they have seen indications that a Mirai-based botnet [see earlier report on Mirai] is indeed involved in the attack on Dyn today. Separately, I have heard from a trusted source who’s been tracking this activity and saw chatter in the cybercrime underground yesterday discussing a plan to attack Dyn."
Follow CircleID on Twitter
More under: Cyberattack, DDoS