Threat Management, Network Security, Network Security

DDoS attack sidelines AWS DNS web service for hours

Amazon Web Services' Router 53 domain name system (DNS) service was waylaid by a prolonged distributed denial of service attack earlier this week, affecting a number of online sites and services that rely on AWS.

According to multiple reports, a flood of fake traffic disrupted legitimate attempts to resolve DNS requests to connect to Amazon cloud-hosted storage buckets and systems. The incident took place on Oct. 22 and stretched from around 1:30 p.m. ET to 9:30 p.m. ET, Amazon disclosed in a service update, according to reports. And at 8:16 p.m. ET, Amazon observed a very small sampling of specific DNS names that experienced a higher error rate.

"We're investigating reports of intermittent DNS resolution errors with Route 53 & our external DNS providers," AWS Support tweeted on Oct. 22 at 1:06 p.m. ET. Later, at 9:30 p.m., AWS Support tweeted that "The AWS DNS issues that may have affected your experience with Route 53 or our external DNS providers has been resolved."

The attack reportedly affected not just access to S3 buckets, but also services that rely on external DNS queries, including the Amazon Relational Database Service, Simple Queue Service, CloudFront, Elastic Compute Cloud and Elastic Load Balancing.

The UK's The Register reported that AWS customers received a note from company support agents informing them that DDoS mitigations were able to withstand some, but not all, of the malicious traffic. AWS also informed affected customers that they could mitigate the issue by updating "the configuration of their clients accessing S3 to specify the specific region that their bucket is in when making requests to mitigate impact."

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.