A DDoS Cyber attack disrupted Paypal, Twitter and Spotify on 21 Oct 2016

A Cyber attack on a company Dyn disrupted access to dozen of websites on Friday. They include Paypal, Twitter and Spotify.

Dyn (a DNS provider) whosse customers include some of the world’s most visited sites do not know who is behind the attacks. The outages were intermittent and more sites were having access issues and they include CNN, HBO Now, Mashable, NYTimes, WSJ.

Dyn said attacks were from tens of millions of internet connected devices such as webcams, printers, thermostat infected with maliciosu software that turns them into bots to launch a distributed denial of service attack.

The U.S. Department of Homeland Security and the Federal Bureau of Investigation said they were investigating.

Dyn said early on Friday that the outage was limited to the Eastern United States. Amazon later reported that the issue was affecting users in Western Europe. Twitter and some news sites could not be accessed by some users in London late on Friday evening.


Update Regarding DDoS Event Against Dyn Managed DNS on October 21, 2016
Identified – This Preliminary Findings Report is to provide additional detail in connection with an incident that began on October 21, 2016 at approximately 11:10 UTC and lasted until approximately 17:45 UTC

Dyn is dedicated to delivering the highest quality of service, and as such, we take any customer impacting events very seriously. Below you will find a preliminary analysis of the event. A more in-depth analysis will be distributed in the form of a Root Cause Analysis report at a later date.

Service Affected: Managed DNS

Event cause:
On Friday October 21, 2016 at approximately 11:10 UTC, Dyn came under attack by a large Distributed Denial of Service (DDoS) attack against our Managed DNS infrastructure in the US-East region. Customers affected may have seen regional resolution failures in US-East and intermittent spikes in latency globally. Dyn’s engineers were able to successfully mitigate the attack at approximately 13:20 UTC, and shortly after, the attack subsided.
At roughly 15:50 UTC a second DDoS attack began against the Managed DNS platform. This attack was distributed in a more global fashion. Affected customers may have seen intermittent resolution issues as well as increased global latency. At approximately 17:00 UTC, our engineers were again able to mitigate the attack and service was restored.

At Dyn, we take every incident seriously and work hard to ensure we deliver the service our customers have come to expect. We will continue to evaluate every situation with the goal of improving our systems and processes to deliver the utmost customer experience. Thank you for your continued support.
Oct 21, 22:11 UTC

By Harry