Incidents

Amazon Web Services servers and customers affected by a massive DDOS attack for hours

According to digital forensics specialists, Amazon Web Services (AWS), the technology giant’s cloud computing services division, has been the victim of a sustained denial of service (DoS) attack. Apparently, the threat actors kept the attack for more than eight hours.

The attack affected the company’s DNS Router 53 service, although many other outages were reported in other services. Although AWS has its own DoS attack mitigation system, known as Shield Advanced, it was not possible for Amazon to stop the attack altogether. 

Other cloud services, such as the Google Cloud
Platform, also reported simultaneous impacts, although digital forensics
experts have not yet spoken out about a possible link between the two
incidents. Speaking for a platform specializing in cybersecurity, a Google
spokesperson mentioned that they have no evidence to confirm a DoS attack on
the company’s systems.

During the incident, thousands of AWS users
were made unable to access the company’s S3 service, and some services on the
platform remained dependent on some external DNS queries.

On the AWS dashboard, the company issued a
security alert mentioning: “We experienced errors intermittently between
10:30 and 18:30; since 17:00, a small number of DNS names showed a higher range
of errors. The problems have already been solved.” 

In addition, the company sent an email to its
customers, informing them that the DNS outage was caused by a DoS attack.
“Shield Advanced played a decisive role in handling the incident, although
as a result of this mitigation process some legitimate queries from customers
were taken by malicious, leaving affected users unable to connect”,
secures the message. 

The International Institute of Cyber Security (IICS)
digital forensics experts mention that because of the size of AWS, in addition
to the large amount of traffic being distributed at all times, this incident
had to be a massive DoS attack, although it was still a massive DoS attack,
although it was still much of the details are missing from being revealed. 

Comments
To Top