Denial-of-service attacks beginning in the morning and stretching into the afternoon shut down major websites across the internet today, as DNS service company Dyn was hit by at least three apparently targeted strikes.
The affected websites included Twitter, Spotify, and Vox Media (parent company of The Verge). In a note posted earlier this morning, Dyn, which is responsible for routing traffic requests for several sites, confirmed it was under attack:
Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.
In a more recent update, the company said the problems were mainly affecting customers on the United States East Coast. "Our Engineers are continuing to work on mitigating this issue," the company wrote. After first saying the attack appeared to be under control, Dyn then issued another update in the afternoon saying a new strike was being carried out. The Department of Homeland Security is reportedly investigating the incidents.
Several other websites were shut down as an apparent result of the attack. Among those appeared to be Reddit, Airbnb, Tumblr, Amazon, and The New York Times, although the final list of those affected seems to be much longer. An outage map shows the scope of the problem:
Update October 21st, 9:49AM ET: In another update, Dyn says the issues have been resolved.
Update October 21st, 1:02PM ET: Dyn now writes it is once again under attack.
Update October 21st, 4:28PM ET: Dyn reportedly hit by a third DDoS attack.