FourWinds10.com - Delivering Truth Around the World
Custom Search

Update: DDoS attack on Dyn DNS leaves internet crippled

Andy Walker

Smaller Font Larger Font RSS 2.0

Oct. 22, 2016

Update #5, 22 October, 12.30am: Dyn has issued its lengthiest update yet, revealing a few more details about the DDoS attack on its DNS service.

“On Friday October 21, 2016 at approximately 11:10 UTC, Dyn came under attack by a large Distributed Denial of Service (DDoS) attack against our Managed DNS infrastructure in the US-East region,” the update reads.

“Customers affected may have seen regional resolution failures in US-East and intermittent spikes in latency globally. Dyn’s engineers were able to successfully mitigate the attack at approximately 13:20 UTC, and shortly after, the attack subsided.”

“At roughly 15:50 UTC a second DDoS attack began against the Managed DNS platform. This attack was distributed in a more global fashion. Affected customers may have seen intermittent resolution issues as well as increased global latency,” it adds, citing the second wave of the attack.

“At approximately 17:00 UTC, our engineers were again able to mitigate the attack and service was restored.”

Read the full list of updates on Dyn’s status page here.

Update #4, 11.20pm: International whistleblowing website Wikileaks published a tweet asking its “supporters to stop taking down the US internet”, this after it mentions that “Mr. [Julian – ed] Assange is still alive and WikiLeaks is still publishing.”

“You proved your point,” the tweet concludes.

While this doesn’t confirm Wikileaks supporters are behind the DDoS attacks on Dyn, it’s clear that Wikileaks, at least, believes that they are.

Update #3, 10.50pm: According to Dyn’s latest update, the DDoS attack on its DNS service is “well planned and executed” and “coming from tens of millions of IP addresses at the same time”.

Wikileaks: ‘We ask supporters to stop taking down the US internet. You proved your point’

It’s currently experiencing a third wave of attacks.

The company also explains that Internet of Things devices are partly involved in the attack, but Dyn still can’t confirm any details of the attacker, or more interestingly, the attacker’s source.

“What they’re actually doing is moving around the world with each attack,” according to Dyn’s CSO Kyle York.

Have a look at the full CNBC article here.

Update #2, 10.12pm: Our sister site Gearburn mentioned a possible remedy for the PSN DNS network issues plaguing PlayStation 4 owners at present. But while it doesn’t quite work for the console at present, it might work for your other devices.

The Reddit post suggests that users change their PlayStation 4 DNS settings to that of OpenDNS. Based on our tests with the likes of Twitter, it seems to bypass the issue.

Dyn: ‘What they’re actually doing is moving around the world with each attack’

To change your DNS to OpenDNS, you’ll need to jump through a few hoops. Luckily, the service has a pretty easy-to-follow step-by-step guide on its own support website, for Windows, iOS and Linux users.

Notably, this process can be done on Android devices too.

Let us know if this temporary workaround works for you.

Update #1, 21 October, 9.12pm SAST: According to a Politico report citing a White House source, the US Department of Homeland Security has launched an investigation into the cause of the global Dyn DNS DDoS attack.

“We’re aware and are investigating all potential causes,” the publication quotes a DHS official.

No individual or group has yet claimed responsibility for the attack.

As of 8.52pm SAST, Dyn notes that its “engineers are still investigating and mitigating the attacks on our infrastructure”.

Original article: South Africa, if you’re struggling to access the likes of Twitter, SoundCloud and Reddit at the moment, don’t worry, it’s not just you. The world has been rocked by a rather large DDoS attack that struck one of the internet’s largest DNS companies, Dyn.

Ultimately, this has left many sites, services and apps that use Dyn’s service inaccessible.

News of the DDoS attack first broke around 1pm SAST on news board Ycombinator, but while Dyn soon remedied the initial attack, a second wave of attacks hit the service again around 5pm SAST.

A large portion of the internet is down today thanks to a cyber attack on Dyn’s DNS service

“As of 15:52 UTC, we have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure,” Dyn explains on its status page.

“Our Engineers are continuing to work on mitigating this issue.”

Most recently, just before 8pm SAST, Dyn explained that its “engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure”.

Quick glossary:

A DNS: or Domain Name Server, is a service that converts websites’ host names (like www.memeburn.com) into IP addresses (essentially, identification that servers and computers can understand). Gizmodo has an excellent, albeit more technical explainer.

A DDoS: or Distributed Denial of Service attack, is deliberate act by internet users to cripple a website/server through sheer load.

A crippled internet

At the time of writing, the likes of Twitter (including the Android app), SoundCloud (including all of its widgets) and payments gateway PayPal are all inaccessible.

http://memeburn.com/2016/10/ddos-dyn-dns-internet-down/