DDoS Attack on Amazon Web Services caused intermittently outage

This week Amazon Web Services (AWS) suffered a major distributed denial-of-service (DDoS) attack that made it unavailable for some customers.

This week, threat actors launched a massive DDoS attack against Amazon Web Services (AWS) causing the inability of some customers to access their AWS S3 buckets.

Users were intermittently unable to access online services relying on the Amazon infrastructure that was under attack.

According to the company status page, hackers were targeting the AWS DNS servers flooding them with junk network traffic.

The attacks lasted for around 8 hours, between 10:30 AM and 6:30 PM PDT, but some of DNS names experienced problems starting 5:16 PM.

The company reported intermittent DNS resolution errors with Route 53 and external DNS providers, it also informed the users of the ongoing DDoS attack.

“We are investigating reports of occasional DNS resolution errors. The AWS DNS servers are currently under a DDoS attack. Our DDoS mitigations are absorbing the vast majority of this traffic, but these mitigations are also flagging some legitimate customer queries at this time. We are actively working on additional mitigations, as well as tracking down the source of the attack to shut it down.” reads the notification sent to the AWS users. “Amazon S3 customers experiencing impact from this event can update the configuration of their clients accessing S3 to specify the specific region that their bucket is in when making requests to mitigate impact.”

Users attempting to access Amazon’s services were redirected to its status page.

The attack also impacted many companies, including Digital Ocean, which has had issues with accessing S3/RDS resources inside Droplets.

“Our Engineering team is continuing to monitor the issue impacting accessibility to S3/RDS/ELB/EC2 resources across all regions,” the company wrote on the incident’s status page at 23:25 UTC on Oct 22.”

At the time of writing all the impacted systems have been restored,

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Amazon, DDoS)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.