On Friday a number of websites including Spotify, Twitter and streaming service Netflix were take offline and now it has been revealed that this was due to a massive DDoS attack on DynDNS.
A number of reports have suggested that the attack was done by a Internet of Things devices which were taken over.
DynDNS has now shared some details about the attack which lasted for a couple of hours, you can see more details below.
Starting at approximately 7:00 am ET, Dyn began experiencing a DDoS attack. While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different (more on that later). Approximately two hours later, the NOC team was able to mitigate the attack and restore service to customers. Unfortunately, during that time, internet users directed to Dyn servers on the East Coast of the US were unable to reach some of our customers’ sites, including some of the marquee brands of the internet. We should note that Dyn did not experience a system-wide outage at any time – for example, users accessing these sites on the West Coast would have been successful.
After restoring service, Dyn experienced a second wave of attacks just before noon ET. This second wave was more global in nature (i.e. not limited to our East Coast POPs), but was mitigated in just over an hour; service was restored at approximately 1:00 pm ET. Again, at no time was there a network-wide outage, though some customers would have seen extended latency delays during that time.
There was also a third attack on DynDNS but the company were able to mitigate this attack without any of the websites being affected. It is not clear as yet on who was responsible for the attack.