Security Experts:

DDoS Attack Hits Amazon Web Services

Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack.

As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in the service being unreachable.

While customers were complaining of their inability to reach AWS S3 buckets, on its status page yesterday the company revealed that it was having issues with resolving AWS Domain Name System (DNS) names.

The issues, AWS said, lasted for around 8 hours, between 10:30 AM and 6:30 PM PDT. A very small number of specific DNS names, the company revealed, experienced a higher error rate starting 5:16 PM.

While reporting on Twitter that it was investigating reports of intermittent DNS resolution errors with Route 53 and external DNS providers, Amazon also sent notifications to customers to inform them of an ongoing DDoS attack.

“We are investigating reports of occasional DNS resolution errors. The AWS DNS servers are currently under a DDoS attack. Our DDoS mitigations are absorbing the vast majority of this traffic, but these mitigations are also flagging some legitimate customer queries at this time,” AWS told customers.

The company also explained that the DNS resolution issues were also intermittently impacting other AWS Service endpoints, including ELB, RDS, and EC2, given that they require public DNS resolution.

During the outage, AWS was redirecting users to its status page, which currently shows that all services are operating normally.

One of the affected companies was Digital Ocean, which has had issues with accessing S3/RDS resources inside Droplets across several regions starting October 22.

“Our Engineering team is continuing to monitor the issue impacting accessibility to S3/RDS/ELB/EC2 resources across all regions,” the company wrote on the incident’s status page at 23:25 UTC on Oct 22.

Accessibility to the impacted resources has been restored, but it was still monitoring for possible issues, the company announced yesterday.

Related: Compromised AWS API Key Allowed Access to Imperva Customer Data

Related: AWS S3 Buckets Exposed Millions of Facebook Records

Related: Mirai-Based Botnet Launches Massive DDoS Attack on Streaming Service

view counter