Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack.
As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in the service being unreachable.
While customers were complaining of their inability to reach AWS S3 buckets, on its status page yesterday the company revealed that it was having issues with resolving AWS Domain Name System (DNS) names.
The issues, AWS said, lasted for around 8 hours, between 10:30 AM and 6:30 PM PDT. A very small number of specific DNS names, the company revealed, experienced a higher error rate starting 5:16 PM.
While reporting on Twitter that it was investigating reports of intermittent DNS resolution errors with Route 53 and external DNS providers, Amazon also sent notifications to customers to inform them of an ongoing DDoS attack.
“We are investigating reports of occasional DNS resolution errors. The AWS DNS servers are currently under a DDoS attack. Our DDoS mitigations are absorbing the vast majority of this traffic, but these mitigations are also flagging some legitimate customer queries at this time,” AWS told customers.
The company also explained that the DNS resolution issues were also intermittently impacting other AWS Service endpoints, including ELB, RDS, and EC2, given that they require public DNS resolution.
During the outage, AWS was redirecting users to its status page, which currently shows that all services are operating normally.
One of the affected companies was Digital Ocean, which has had issues with accessing S3/RDS resources inside Droplets across several regions starting October 22.
“Our Engineering team is continuing to monitor the issue impacting accessibility to S3/RDS/ELB/EC2 resources across all regions,” the company wrote on the incident’s status page at 23:25 UTC on Oct 22.
Accessibility to the impacted resources has been restored, but it was still monitoring for possible issues, the company announced yesterday.
Related: Compromised AWS API Key Allowed Access to Imperva Customer Data
Related: AWS S3 Buckets Exposed Millions of Facebook Records
Related: Mirai-Based Botnet Launches Massive DDoS Attack on Streaming Service
More from Ionut Arghire
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- US, Israel Provide Guidance on Securing Remote Access Software
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
