AWS Left Reeling After Eight-Hour DDoS
October 25, 2019 Share

AWS Left Reeling After Eight-Hour DDoS

Amazon Web Services (AWS) customers were hit by severe outages yesterday after an apparent DDoS attack took S3 and other services offline for up to eight hours.

The attack hit the cloud giant’s Router 53 DNS web service, which had a knock-on effect on other services including Elastic Load Balancing (ELB), Relational Database Service (RDS) and Elastic Compute Cloud (EC2), that require public DNS resolution.

A status update by AWS, since replaced, claimed: “Between 10:30 AM and 6:30 PM PDT, we experienced intermittent errors with resolution of some AWS DNS names. Beginning at 5:16 PM, a very small number of specific DNS names experienced a higher error rate. These issues have been resolved.”

A message sent to customers during this time clarified that the firm’s DNS servers were indeed experiencing a DDoS attack. The outages call into question the effectiveness of the AWS DDoS-mitigation platform Shield Advanced, especially as it appeared to have made things worse for some customers.

“Our DDoS mitigations are absorbing the vast majority of this traffic, but these mitigations are also flagging some legitimate customer queries at this time,” the firm said.

In an apparently unrelated incident, the Google Cloud Platform also experienced problems at around the same time yesterday, although it clarified that DDoS was not the cause.

The issues affected Google Compute Engine, Cloud Memorystore, Google Kubernetes Engine, Cloud Bigtable and Google Cloud Storage. They included network programming and packet loss for Cloud Networking customers and packet loss for Google Compute Engine users.

Anthony Chadd, global SVP for Neustar, argued that the attack on AWS must have been significant.

“Citing potential mitigation concerns, this attack should serve a reminder to security leaders to ensure they safeguard their cyber-defenses on an always-on basis across a number of levels, from the perimeter to websites and applications, underpinned by intelligence,” he added.

“Prevention is always better than the cure, and the cost of not doing so — from reputational damage to additional technology investment, compensation and possibly regulatory action — can have an undesired impact on the bottom line.”

This post AWS Left Reeling After Eight-Hour DDoS originally appeared on InfoSecurity Magazine.

Read More