Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
Update 4:22 PM EST: Looks like this is probably going to get even worse before it gets any better. Dyn says they are being hit with a third wave of attacks. Dyn told CNBC the attack is “well planned and executed, coming from tens of millions IP addresses at same time.
Update 12:28 PM EST: Dyn says it is investigating yet another attack, causing the same massive outages experienced this morning. Based on emails from Gizmodo readers, this new wave of attacks seems to be affecting the West Coast of the United States and Europe. It’s so far unclear how the two attacks are related, but the outages are very similar.
In order to understand how one DDoS attack could take out so many websites, you have to understand how Domain Name Servers (DNS) work. Basically, they act as the Internet’s phone book and facilitate your request to go to a certain webpage and make sure you are taken to the right place. If the DNS provider that handles requests for Twitter is down, well, good luck getting to Twitter. Some websites are coming back for some users, but it doesn’t look like the problem is fully resolved.
Dyn posted this update on its website: Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.
Here’s an internet outage map from DownDetector as of 12:46 PM EST:
Here’s an animated image that shows the internet outage at 9:00 AM EST versus 12:30 PM EST:
At the time of publication Dyn said that it was still dealing with the problem. You can see realtime outages at http://downdetector.com/status/level3/map/
Update 9:05 AM EST: Judging by emails from readers, this problem seems to be getting worse.
Update 9:43 AM EST: Dyn says the issue has been resolved.
Update 12:19 PM EST: Dyn says the issue is resolved, but multiple readers are messaging me to say they’re still having trouble accessing websites.
More related news at these links
CNN: Widespread Internet outage knocks out popular sites like Reddit, Twitter and Netflix : http://money.cnn.com/2016/10/21/technology/ddos-attack-popular-sites/index.html
Reuters: Cyber attacks disrupt PayPal, Twitter, other sites: http://www.reuters.com/article/us-usa-cyber-idUSKCN12L1ME
MSNBC - What Exactly Happened to Knock So Many Sites Offline? http://www.nbcnews.com/tech/security/what-exactly-happened-knock-so-many-sites-offline-n670781