Published Oct 21, 2016In what sounds like a plot straight out of Mr. Robot episode, a number of major sites were targeted in a DDoS attack this morning (October 21). Spotify, Netflix, Twitter, Reddit and SoundCloud each experienced service outages, though reliability has since improved.
According to Tech Crunch, the attack caused a "sweeping outage" of DNS provider Dyn, primarily affecting customers in the eastern United States. In addition to the aforementioned sites, services like Airbnb, Etsy, Heroku and Freshbooks were also affected, as were publications like the Boston Globe, the New York Times and Vox Media. Amazon.com was also targeted and experienced an outage that lasted several hours this morning.
At this point, it's unclear who is responsible for the attack, but it marks the latest in a string of DDoS, or "denial of service," attacks, which disrupt sites by overwhelming servers with web traffic.
Dyn posted an update assuring customers that their engineers were "monitoring and mitigating" the attack, adding, "Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available."
As of 9:15 UTC, they reported that "services have been restored to normal."
UPDATE (10/21, 2 p.m. EDT): A second attack was launched against Dyn's servers. As Gizmodo points out, the follow-up attack seems to be primarily affecting the western United States and Europe. An update from Dyn as of 17:53 UTC reads: "Our engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure."
The list of websites affected by the attack continues to grow, now including HBO Now, Eventbrite, Paypal, Yelp, Imgur, Playstation Network, Satrbucks, Urban Dictionary, and tons more. It might be a good time to rediscover the joys of an offline hobby like reading (actual books) or knitting (provided you don't need to Google instructions) or sleeping.