A DDoS attack on Amazon Web Services' DNS servers caused intermittent outages and errors for users.

As first reported by The Register, the partial downtime started yesterday at 10:30 am US East Coast time. As of writing, AWS's DNS servers are now operational.

AWS Logo
– Sebastian Moss

Systems online

During the reported attack, AWS tweeted: “We're investigating reports of intermittent DNS resolution errors with Route 53 & our external DNS providers. We're working towards resolution & will post updates here: http://amzn.to/aws-shd

The tech giant’s status page now reads: “Between 10:30 AM and 6:30 PM PDT, we experienced intermittent errors with the resolution of some AWS DNS names. Beginning at 5:16 PM, a very small number of specific DNS names experienced a higher error rate. These issues have been resolved.”

Over-protected

AWS introduced free DDoS protection for its clients with added protection for paying customers.

The service was introduced in 2016 following a massive DDoS attack against DNS provider Dyn that impacted AWS, Twitter, Netflix and more.

According to Jeff Barr, chief evangelist at AWS, the basic version can protect customers against 96 percent of the most common attacks today, including SYN/ACK floods, reflection attacks, and HTTP slow reads.

However, during this attack, the DDoS protection inadvertently also dropped legitimate user queries, meaning that websites and apps were not able to contact AWS systems.

Further reading