Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack.
As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in the service being unreachable.
While customers were complaining of their inability to reach AWS S3 buckets, on its status page yesterday the company revealed that it was having issues with resolving AWS Domain Name System (DNS) names.
The issues, AWS said, lasted for around 8 hours, between 10:30 AM and 6:30 PM PDT. A very small number of specific DNS names, the company revealed, experienced a higher error rate starting 5:16 PM.
While reporting on Twitter that it was investigating reports of intermittent DNS resolution errors with Route 53 and external DNS providers, Amazon also sent notifications to customers to inform them of an ongoing DDoS attack.
“We are investigating reports of occasional DNS resolution errors. The AWS DNS servers are currently under a DDoS attack. Our DDoS mitigations are absorbing the vast majority of this traffic, but these mitigations are also flagging some legitimate customer queries at this time,” AWS told customers.
The company also explained that the DNS resolution issues were also intermittently impacting other AWS Service endpoints, including ELB, RDS, and EC2, given that they require public DNS resolution.
During the outage, AWS was redirecting users to its status page, which currently shows that all services are operating normally.
One of the affected companies was Digital Ocean, which has had issues with accessing S3/RDS resources inside Droplets across several regions starting October 22.
“Our Engineering team is continuing to monitor the issue impacting accessibility to S3/RDS/ELB/EC2 resources across all regions,” the company wrote on the incident’s status page at 23:25 UTC on Oct 22.
Accessibility to the impacted resources has been restored, but it was still monitoring for possible issues, the company announced yesterday.
Related: Compromised AWS API Key Allowed Access to Imperva Customer Data
Related: AWS S3 Buckets Exposed Millions of Facebook Records
Related: Mirai-Based Botnet Launches Massive DDoS Attack on Streaming Service
More from Ionut Arghire
- US, Israel Provide Guidance on Securing Remote Access Software
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- Blumira Raises $15 Million for SMB-Tailored XDR Platform
- KeePass Update Patches Vulnerability Exposing Master Password
- Google Workspace Gets Passkey Authentication
- Cybersecurity Startup Elba Raises €2.5 Million for Employee-Focused Product
- Apple Unveils Upcoming Privacy and Security Features
- Dozens of Malicious Extensions Found in Chrome Web Store
Latest News
- Sysdig Introduces CNAPP With Realtime CDR
- Stay Focused on What’s Important
- VMware Plugs Critical Flaws in Network Monitoring Product
- Hackers Issue ‘Ultimatum’ Over Payroll Data Breach
- US, Israel Provide Guidance on Securing Remote Access Software
- OWASP’s 2023 API Security Top 10 Refines View of API Risks
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
