This morning on the East Coast, when you went to listen to your favorite Spotify playlist, you were probably met with some kind of error. The same with Twitter. And Netflix. “Are the Russians coming to shut everything down?” you thought, wondering if you had stocked up on enough canned goods to last you through a nuclear winter.
Not quite, though the reality was only slightly less disconcerting: A massive distributed denial of service (DDoS) attack against one of the major domain name server (DNS) hosts, Dyn, crippled a large number of websites and web-based applications, including those listed above and a plethora of others.
DNS hosts help you reach the page you’re trying to access when you type it into your browser or click on a link — they reconcile the people-language used with the IP address of your destination. DDoS attacks on these servers make it impossible for real people to access them — and therefore the site you’re trying to get to — by flooding them with fake traffic, making them unavailable.
This particular attack began at around 7 a.m. ET. Spotify and Twitter users and many websites using Amazon Web Services suddenly stopped working. Long-haul Internet provider Level3 showed a mass of red on its outage map, centered on the East Coast megalopolis. Google and Facebook, it should be noted, were unaffected.
Dyn posted the following to its website: “Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.”
Around 9:40 a.m. ET, Dyn finally beat back the attack, allowing East Coasters to complain on Twitter about Twitter being down. Somewhat ironically, Dyn’s managed DNS infrastructure is supposed to help clients deal with DDoS attacks.
SoundCloud, Shopify, Reddit, Airbnb, GitHub, and Vox Media were also reportedly affected, depending on a user’s location, according to Tech Crunch.