Ongoing cyber attack hits Twitter, Amazon, other top websites (Update)

October 21, 2016

Major internet services including Twitter, Spotify and Amazon suffered service interruptions and outages on Friday as a US internet provider came under sustained cyber attack.

The internet service company Dyn, which routes and manages internet traffic, said that it had suffered a distributed denial of service (DDoS) attack on its domain name service shortly after 1100 GMT.

Service was initially restored within about two hours but close to three hours later the company said again said it was responding to an attack.

"Our engineers are continuing to work on mitigating this issue," the company said on its website close to 1700 GMT.

The cyber attack meant that millions of internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports.

The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal.

Dyn, which is headquartered in New Hampshire, said the attack went after its domain name service, causing interruptions and slowdowns.

Scott Hilton, executive vice president for products at Dyn, said in a statement Friday morning that a "global DDoS attack" had been launched on its Managed DNS infrastructure on the US east coast.

A map published by the website downdetector.com initially showed service interruptions for Level3 Communications, a so-called "backbone" internet service provider, across much of the US east coast and in Texas.

However later Friday the affected areas had spread to parts of the Midwest and California. Similar maps for Netflix and Twitter website specifically showed areas of outage in Europe.

The US Department of Homeland Security told AFP it was monitoring the situation.

"We're aware and are investigating all potential causes," said DHS spokeswoman Gillian Christensen.

Amazon affected

Amazon Web Services, which hosts some of the most popular sites on the internet, including Netflix and the homestay network Airbnb, said on its website that it had resolved problems by 1310 GMT only to begin addressing similar problems three hours later in a different region.

Domain name servers are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites.

Distributed denial of service or DDoS attacks involve flooding websites with traffic, making them difficult to access or taking them offline entirely. Attackers can use them for a range of purposes, including censorship, protest and extortion.

The loose-knit hacktivist network Anonymous in 2010 targeted the DNS provider EveryDNS among others in 2010 as retribution for denying service to the anti-secrecy organization WikiLeaks.

Though such attacks are not uncommon, Friday's incident immediately unscored the interconnected vulnerabilities for large portions of the internet, with brand-name companies affected by an attack on a single company.

"The internet continues to rely on protocols and infrastructure designed before cyber security was an issue," said Ben Johnson, a former engineer at the National Security Agency and founder of the cyber-security company Carbon Black.

He said that growing interconnection of ordinary devices to the internet, the so-called "internet of things," increased the risks to networks.

"DDoS, especially with the rise of insecure IOT devices, will continue to plague our organizations. Sadly, what we are seeing is only the beginning in terms of large scale botnets and disproportionate damage done."

Explore further: The Internet of Things could spark a new wave of cyber attacks

Related Stories

Attackers use Network Time Protocol for denial exploit

February 12, 2014

(Phys.org) —Reports are calling it the world's most massive distributed denial-of-service (DDoS) attack ever, referring to this week's report about a massive exploit making use of the Network Time Protocol (NTP), which ...

Filtering criminal dDOS attacks

June 23, 2014

A new hybrid filtering system to protect cloud computing services from distributed denial of service (dDOS) attacks has been developed by US and Indian researchers. They provide details in the latest issue of the International ...

Recommended for you

Firms push hydrogen as top green energy source

January 18, 2017

Over a dozen leading European and Asian firms have teamed up to promote the use of hydrogen as a clean fuel and cut the production of harmful gasses that lead to global warming.

WhatsApp vulnerable to snooping: report

January 13, 2017

The Facebook-owned mobile messaging service WhatsApp is vulnerable to interception, the Guardian newspaper reported on Friday, sparking concern over an app advertised as putting an emphasis on privacy.

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

TheGhostofOtto1923
not rated yet Oct 22, 2016
From USA Today;

"The software uses malware from phishing emails to first infect a computer or home network, then spreads to everything on it, taking over DVRs, cable set-top boxes, routers and even Internet-connected cameras used by stores and businesses for surveillance."

So what does this say about the possibility of controlling the devices themselves? Cars, smart homes and their security systems, pacemakers, baby monitors, etc?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.