This morning it appears a massive Distributed Denial of Service attack targeting DNS host Dyn has knocked a big chunk of the Internet offline Friday morning.
The Domain Name System (DNS) converts human-readable URLs (like “pcworld.com”) to their underlying numeric IP addresses. Dyn hasn’t confirmed that the outages and its DDoS attack are related, but given that these sites keep going down every time Dyn gets slammed, it seems highly likely.
Hacker News users report the following sites are down:
Trying to connect to all of those sites indeed proved fruitless this morning. Zoho, SaneBox, and iHeart Radio also appear to be down on my end, in New Hampshire. Netflix, Slack, Imgur, HBO Now, PayPal, PlayStation Network, Yammer, Seamless, and many more services have also experienced interruptions today.
At roughly 7 A.M. Friday morning, Dyn posted the following status report:
“Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time.”
This afternoon, Dale Drew—the chief security officer for Level 3, a tier 1 Internet backbone provider—broadcast an informative Periscope video explaining what exactly is going on here. He also says Dyn isn’t the sole victim. “We’re seeing the bad guy rotate through quite a few DNS providers, trying to add some instability to the Internet.” A portion of the attack originates from the gigantic Mirai “Internet of things” botnet, Drew says, which was recently used in a DDoS of unprecedented size. About 10 percent of the Mirai botnet nodes are active in this attack on Dyn, though those nodes aren’t the only ones targeting the DNS provider.