Three web attacks have affected PayPal, Soundcloud, Reddit, Spotify, Twitter amongst others. All are customers of Dyn, a company used to help people find their customer’s sites.
On Friday, two attacks made it hard to reach the sites of Dyn’s customers. At this stage it is unclear who executed the attack or why, but the US Department of Homeland Security and the FBI are investigating.
During the attack, which lasted about 2 hours, many of these websites were being reported as difficult to access. Some other sites, including the New York Times, PayPal, Pinterest, Tumbir and some cable companies reported difficulties as being intermittent.
Dyn posted a statement on its website stating that it had been attacked by a Distributed Denial of Service (DDoS). These attacks work by overwhelming the servers with enormous amounts of data.
It was early on Friday morning in the United States when the attack was launched, and its impact was strongest in the eastern states. At first, the attack made some sites more difficult to reach. PayPal reported that although it was not attacked directly, some customers in certain areas were unable to make payments with PayPal. Their core business services were not impacted.
Github posted a message on Twitter saying a global event was impacting Dyn, making it hard to reach its sites.
There was a second attack later on Friday, which was similar in its impact on similar sites.
After the reports of the second attack, the Department of Homeland Security announced it was looking into all possible causes of these attacks.
These latest events suggest a change in DDoS attacks, as they are generally aimed at a single site. Dyn is not a single site as it is like a directory for many companies and assists customers to keep global address books current with domain locations.
A representative from the security company NCFocus, Richard Meeus, said this attack showed how essential companies such as Dyn, with their domain directory services, were to the smooth running of the internet and they seem to have been negligent with their security. They have been treated as though they are not in need of updating security.
Please comment about this recent DDoS Attacks.