Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

DDoS Attack Hits Amazon Web Services

Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack.

As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in the service being unreachable.

Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack.

As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in the service being unreachable.

While customers were complaining of their inability to reach AWS S3 buckets, on its status page yesterday the company revealed that it was having issues with resolving AWS Domain Name System (DNS) names.

The issues, AWS said, lasted for around 8 hours, between 10:30 AM and 6:30 PM PDT. A very small number of specific DNS names, the company revealed, experienced a higher error rate starting 5:16 PM.

While reporting on Twitter that it was investigating reports of intermittent DNS resolution errors with Route 53 and external DNS providers, Amazon also sent notifications to customers to inform them of an ongoing DDoS attack.

“We are investigating reports of occasional DNS resolution errors. The AWS DNS servers are currently under a DDoS attack. Our DDoS mitigations are absorbing the vast majority of this traffic, but these mitigations are also flagging some legitimate customer queries at this time,” AWS told customers.

The company also explained that the DNS resolution issues were also intermittently impacting other AWS Service endpoints, including ELB, RDS, and EC2, given that they require public DNS resolution.

Advertisement. Scroll to continue reading.

During the outage, AWS was redirecting users to its status page, which currently shows that all services are operating normally.

One of the affected companies was Digital Ocean, which has had issues with accessing S3/RDS resources inside Droplets across several regions starting October 22.

“Our Engineering team is continuing to monitor the issue impacting accessibility to S3/RDS/ELB/EC2 resources across all regions,” the company wrote on the incident’s status page at 23:25 UTC on Oct 22.

Accessibility to the impacted resources has been restored, but it was still monitoring for possible issues, the company announced yesterday.

Related: Compromised AWS API Key Allowed Access to Imperva Customer Data

Related: AWS S3 Buckets Exposed Millions of Facebook Records

Related: Mirai-Based Botnet Launches Massive DDoS Attack on Streaming Service

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.