A number of popular websites including the likes of Twitter and Reddit were taken down today after a series of distributed denial of service (DDoS) attacks targeted DNS service Dyn.
Put a marker down on this day. It is one to be remembered. Large DDoS attacks have relentlessly targeted major DNS host Dyn, leading to websites of the likes of Twitter, Reddit, AirBnB and Github among plenty of others to experience partial or total outages.
For those not in the know, a DNS or Domain Name Servers fundamentally act as the tool that sees through a user’s request to access any given webpage ensuring that the internet user reaches the right destination. If you clicked on this article via a Twitter link or on Google, the DNS host used by Hacked took care of your request to then facilitate your access to this page. If our DNS provider is down, we’re out of luck in trying to get you to visit this website. It’s a pretty big deal.
For instance, here’s the impact of the attacks on the widely-used email provider, Gmail.
Foreshadowing. One Cryptographer Called It
Eerily, the precise scenario of DDoS attacks taking down core internet infrastructure was put under the spotlight by cybersecurity expert and cryptographer Bruce Schneier, who is also a board member at the EFF and the Tor Project. Just over a month ago, Schneier revealed that DNS providers and registrars (the companies that provide domains like .com, .net etc) were being probed by an unknown quantity. He stated:
Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.
The attacks began just after 11 AM UTC when Dyn revealed that it had begun “monitoring and mitigating” DDoS attacks against its DNS infrastructure.
The attacks at the time primarily impacted users on the eastern seaboard of the United States.
At the time, Scott Hilton, executive vice president of products at Dyn issued a statement, excerpts of which read:
This morning, October 21, Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States. DNS traffic resolved from east coast name server locations are experiencing a service degradation or intermittent interruption during this time. Updates will be posted as information becomes available.
In a series of updates, Dyn stated that it had restored services to normal come by 13:20 UTC. However, another DDoS attack sprung, with Dyn looking to mitigate the disruption at 16:06 UTC.
Fast forward to 17:53 UTC, Dyn is still mitigating “several attacks” aimed at its infrastructure.
As a frequent victim of DDoS disruptions console gaming networks weren’t spared either. Understandably, gamers looking forward to a weekend on their consoles aren’t too pleased, much like the rest of the internet.
A Quick Fix
If you’re looking circumvent the default DNS servers being targeted to access those hard-to-reach websites again, Hacked recommends using OpenDNS. Instructions here.
Images from Shutterstock and Downdetector.