Security Experts:

DDoS Attack Caused AT&T DNS Outage on Wednesday

AT&T's DNS Outage on Wednesday Resulted From DDoS Attack Targeted at Two Locations

AT&T on Thursday said that unknown attackers were responsible for intermittent disruptions that affected Internet services for its business customers on Wednesday.

The telecommunications giant would not discuss the locations or the number of customers affected. In a statement, an AT&T spokesperson told SecurityWeek that a DDoS attack targeted the company’s DNS infrastructure in two locations, and that engineers and SOC (Security Operations Center) staff worked to mitigate the situation.

AT&T Logo“Due to a distributed denial of service attack attempting to flood our Domain Name System servers in two locations, some AT&T business customers experienced intermittent disruptions in service on Wednesday. Our network and security teams quickly worked to mitigate the impact and service is currently running normally. We apologize for any inconvenience to our customers,” the statement said in full.

Interestingly, AT&T sells business customers a DDoS Protection service, which claims to be one of the “most potent tools against Denial of Service attacks.”

“AT&T DDoS Defense, an optional feature to the AT&T Internet Protect malware-monitoring service, uses powerful, specialized devices running sophisticated algorithms to identify attacks headed toward your network. We can mitigate them before they reach your network to keep your critical infrastructure running...,” the marketing for the service explains.

It’s possible that the DDoS attack was mitigated using AT&T’s own tools, but if they were in use at the time, they didn’t stop the attack that took place on Wednesday from disrupting operations.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.