Distributed Denial of Services shortly known as (DDoS) attack is a malicious attempt to make a targeted system, like a website or application, which makes the system unavailable to end users. In order to target this, attackers use a variety of techniques that uses network or other resources, interrupting access for end users.
Three days earlier Amazon Web Services (AWS) customers were hit by a DDOS attack which was lasted more than eight hours. This DDoS attack hit the cloud giant’s Router 53 DNS web service, which in turn had a knock-on effect on other services including Elastic Load Balancing (ELB), Relational Database Service (RDS), which require public DNS resolution. “Between 10:30 AM and 6:30 PM PDT, we have experienced errors with resolution of some AWS DNS names. It all started at 5:16 PM, a very small number of particular DNS names experienced a higher error rate. However all these issues have been resolved “, an update released by AWS .
This attack on AWS has left many customers to access AWS’s S3 services, with many AWS services relying on external DNS queries, including its Relational Database Service (RDS), and Elastic Load Balancing (ELB). In mean time messages sent to customers during this attack time clarified that the firm’s DNS servers were indeed experiencing a DDoS attack. Effectiveness of the AWS DDoS platform Shield Advanced, especially as it appeared to have made things worse for many customers.
“DDoS mitigations are absorbing the majority of this traffic, but these mitigations are also been flagging few legitimate customer queries at this time. In addition to this “We are actively working on additional mitigations, as well as tracking down the source of the attack to shut it down.” The firm said.
The Google Cloud Platform (GCP) also experienced problems at around the same time but it was not related to the AWS, although it clarified that DDoS was not the cause. Given the size of AWS and the traffic it handles at any given time, the attack must have been significant. However AWS’s Route 53 Service Level Agreement (SLA) promises 100 percent uptime.
Citing the potential mitigation concerns, this DDoS attack should be a reminder to security leaders to ensure they safeguard their cyber-defenses, from t websites and applications. Customers were able to resolve the issue by updating each and every configuration of their respective clients accessing S3.