Worldwide Attack on the Internet Infrastructure Causes Major Outages

[TheWorldNewsOrg]

Almost every major service that isn't part of a major internet provider seemed to be having issues. As such, Google and Facebook appeared to stay up – but almost everything else was down

Twitter is down again! 

Twitter felt the sting of downtime Friday. In the two-hour window of the initial impact, it said, "various Twitter domains including twitter.com may have been inaccessible for users in some regions, due to failures resolving particular DNS hostnames."

In a denial-of-service attack, targeted computers get hit with an overwhelming volume of bogus data requests, which dramatically slows down access and in extreme cases can completely cut off legitimate traffic.

----------------

The outage, mainly affecting the northeast U.S., seems to have been brought on by a Distributed Denial of Service (DDoS) attack on Dyn, an Internet company that hosts a variety of widely used platforms, though it is currently unclear why this happened.

Writing on its website Friday morning, Dyn said it had been the subject of an attack, adding that “some customers may experience increased DNS query latency and delayed zone propagation during this time.” Service has since been restored, according to DNS status reports.

--------------

Dyn, the affected company, indicated earlier that the issue had been fixed. But then it reported again that it had "begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue".

It still isn't clear where that cyber attack originated or when or how it was likely to stop.

-------------

A list of major websites who have been affected:

Twitter,

Reddit,

Spotify,

Paypal,

SoundCloud,

Netflix

Paypal

Ebay

Playstation Network

Airbnb

Amazon

Github

and even service providers including Comcast, Cox, Time Warner Cable and AT&T were also affected. 

 

and several other platforms appeared to go dark or experience problems

[TheWorldNewsOrg]

#AmazonWebService was responsible for this morning’s massive Internet outage: https://t.co/cbcr8Crew3 (dankje @JonaLendering)

— (((Bill Thayer))) (@LacusCurtius) October 21, 2016

via TheWorldNewsOrg

via journal.theworldnewsmedia.org

[TheWorldNewsOrg]

There are now reports of the internet outages resuming and spreading to the west coast 

The World News Media is still up an running so I am somewhat relieved.

[TheWorldNewsOrg]

Who do you think did this Internet DDoS attack on Dyn? 

Russia? 

China?

North Korea?

NSA? CIA? (false-flag attack?)

Anonymous?

 

[TheWorldNewsOrg]

The Internet Outage is Spreading Worldwide.

This World News Forum is actually a viable alternative to Reddit and Twitter. Who would have thought? 

Although when it comes to Twitter I view this site as more of a partner than a competitor

[TheWorldNewsOrg]

Now that I think about it... this is really an attack against Twitter 

Could there be a conspiracy against Twitter to discredit (pump and dump buyout story) and then disconnect it so as to remove it from it's place as the world's "newswire"?

I use Twitter hourly and it is where all the actual news is hashed out and discussed compared to cat photos on FB and Google +

[TheWorldNewsOrg]

Internet infrastructure company Dyn says 3rd ‘well planned and executed’ denial-of-service attack underway’- CNBC https://t.co/OArzgPECYz

— Breaking News (@BreakingNews) October 21, 2016

via TheWorldNewsOrg

via journal.theworldnewsmedia.org

[Queen Esther]

A massive cyberattack is taking down major websites across the internet. According to Hacker News and reports, some of the sites affected include:

- DYN  - Twitter - Etsy - Github - Soundcloud - Spotify - Heroku - Pagerduty - Shopify - Okta - Zendesk and Business Insider !

Internet users around the world, but mostly in the US, reported that some top websites were not loading on Friday morning.

The affected sites include Amazon, Twitter, Netflix, Etsy, Github, and Spotify.

The issue is currently ongoing.

It was mostly resolved at 9:20 a.m. ET, but at 12:07 p.m. ET, the issue started to crop up again, according to one of the companies at the center of the apparent cyber attack.

At 4:16 p.m. ET, Dyn said that it was facing a third wave of attacks, CNBC reported.  

The issue appears to have something to do with DNS hosts — in particular, Dyn, one of the biggest DNS companies.

Domain Name Servers are a core part of the internet's backbone. They translate what you type into your browser —www.businessinsider.com, for example — into IP addresses that computers can understand.

Dyn said on Friday that it suffering a DDoS attack, or a distributed denial of service. That basically means hackers are overwhelming Dyn's servers with useless data and repeated load requests, preventing useful data — the Twitter IP address, for example — from getting through.

"The purpose of this attack is to overload the service in any way possible and make it stop working or be unreachable. In this case it was not Twitter or Github that got overloaded, those services work totally fine, but a service allowing you to reach them got overloaded," Adam Surak, site reliability engineer at Algolia.com told Business Insider.
Who is responsible?

No group has taken credit for the DDoS attack yet, and Dyn says no attacker has contacted it.

The Department of Homeland Security is monitoring the attack, Politico's Eric Geller reports. The FBI is also investigating, according to Reuters.

The attack does not seem to be state-sponored or directed, a senior US intelligence official told NBC News.

Dyn says that the attacks are "well planned and executed, coming from tens of millions of IP addresses at the same time." One of the sources of the attack is internet-connected products like printers, DVRs, and appliances, often called the "internet of things."

Code to wage DDoS attacks by hacking the internet of things was released earlier this month.

WikiLeaks says the attack is being done in support of its founder Julian Assange. Brian Krebs, a writer who was the first person to be hit with a internet of things DDoS, believes that criminals are extorting internet infrastructure companies and threatening them with DDoS.

He says that a trusted source tells him that there was "chatter in the cybercrime underground" discussing a plan to attack Dyn.

"Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point," Wikileaks tweeted.
If you're having issues:

Some people online seem to think this walkthrough and Apple's support page to use OpenDNS can help mitigate the problems.
Timeline of the attacks:

Here's how the day has unfolded, according to Dyn, the company being attacked.

7:10 a.m. ET:

"Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available."

8:45 a.m. ET:

"This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue."

9:36 a.m. ET:

"Services have been restored to normal as of 13:20 UTC."

 As of 12:06 p.m. ET, the attack had returned:

"As of 15:52 UTC, we have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue."

12:48 p.m. ET:

"This DDoS attack may also be impacting Dyn Managed DNS advanced services with possible delays in monitoring. Our Engineers are continuing to work on mitigating this issue."

1:53 p.m. ET:

"Our engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure."

2:23 p.m. ET:

"Dyn Managed DNS advanced service monitoring is currently experiencing issues. Customers may notice incorrect probe alerts on their advanced DNS services. Our engineers continue to monitor and investigate the issue."

2:52 p.m. ET:

"At this time, the advanced service monitoring issue has been resolved. Our engineers are still investigating and mitigating the attacks on our infrastructure."

3:44 p.m. ET:

"Our engineers are continuing to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure."

4:37 p.m. ET:

"Our engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure."

4:59 p.m. ET:

"Our engineers are continuing to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure."

CNBC reported that Amazon investigated the issue as well, although it eventually found the issue to be with the Dyn attack. "Amazon & DynDNS investigating internet outage reports on east coast of U.S. amid reports of major websites not working properly," it tweeted.

Earlier this month, the United States transferred its oversight of DNS to an international non-profit group, a move that had been more than 20 years in the making.  Read more here :

http://www.businessinsider.de/amazon-spotify-twitter-github-and-etsy-down-in-apparent-dns-attack-2016-10?r=US&IR=T