Starting at 11:10 UTC on Friday, October 21st 2016, a catastrophic cyberattack on one of the world’s leading DNS providers caused hundreds of sites to go down.
Many sites such as Twitter, Spotify, GitHub, Reddit, Etsy, and the New York Times are down today due to a distributed denial-of-service (DDoS) attack on Dyn, one of today’s leading DNS providers. It seems that this attack came in two waves. The first wave was this morning around 9:00AM Eastern causing outages across the west coast of the United States and parts of Europe. The second wave was much worse, causing more outages throughout the east coast.
Dyn released a statement today saying that their engineers are still investigating the problem: “Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.”
What is DNS?
In order to understand how this attack could take out so many websites, you first need to know the system. Every machine in the world is given an IP address as a kind of fingerprint. IP addresses can be very long and are hard to member, so in order to make it easier for people to access, every website is given a domain name such as facebook.com. Domain name system (DNS), is the phonebook of the internet, that informs your computer how to access Facebook’s website when you type facebook.com into your browser. Without DNS, trying to get on Facebook might look something like this “126.96.36.199”.
What is a DDoS Attack?
Distributed denial-of-service (DDoS) is an attack on the DNS infrastructure. A DDoS attack attempts to overwhelm an online resource with a lot of traffic from multiple sources. Imagine everyone in the United States trying to access the same website, but hitting refresh every 1/2 second. The kind of extreme spikes in traffic caused by DDoS attacks prevent anyone else from accessing the resource.
All of this sounds very bad, but do not worry, your site files and content are safe, just not accessible at this time. Think of today as a vacation from the internet. Put down your phone, shut your computer, and get to happy hour early. It may be a while until these websites are back up and running.
Options: Facbeook, Twitter, Linkedin, Pinterest...