There has been legitimate concern in recent years about what a significant potential single-point-of-failure Amazon Web Services (AWS) has become, given their dominance in the public cloud space. Many large technology enterprises have made it a priority to architect for such outages, believing them to be inevitable moving forward.
But how many people knew there was such a high-risk single point of failure in New Hampshire? How widespread was the awareness that this single point of failure could wreak havoc on such web giants as Reddit, CNN, Paypal, Twitter, the New York Times, Spotify, Shopify, Soundcloud, Etsy, Github, and Salesforce.com’s Heroku cloud services platform?
Based in Manchester, New Hampshire, Dyn is a domain name system (DNS) host, serving as a web traffic delivery mechanism by translating letter-based URL’s into their associated numeric IP addresses. A distributed denial of service (DDoS) attack on Dyn DNS left many internet users, especially in the Northeast, without some of their favorite web-based tools on Friday morning.
The fact that an attack on a single DNS host that the vast majority of web users have never heard of before could orchestrate such widespread downtime is certainly a cause for concern, as is the possibility that the attack was retribution for a Dyn employee giving a presentation calling out some controversial tactics by another web services firm in protecting against DDoS attacks.
Whatever the story turns out to be, today’s attack will likely result in IT security and uptime professionals gaining additional work hours, sleepless nights, and prematurely gray hair, as they effort to fight off increasingly sophisticated and aggressive cyber assaults.
And it leaves the rest of us wondering just how many more single points of failure are out there.