What to Know
- A DDoS attack crippled domain name server company Dyn Inc on Friday morning, and a fresh attack started Friday afternoon
- The attacks rendered sites like Spotify, Twitter and SoundCloud difficult or impossible to reach
- The White House says government agencies are looking into what happened
A third wave of denial-of-service attacks on a key piece of internet plumbing was resolved by late Friday, said the company that was targeted.
Internet infrastructure company Dyn Inc. told CNBC earlier in the day that the third wave was underway, causing more disruptions after dozens of the world's most popular websites were taken largely offline Friday morning.
The White House said it was aware of the situation and that the Department of Homeland Security was looking into it; a senior law enforcement official told NBC News that the FBI has been investigating as well. U.S. intelligence officials told NBC News Friday afternoon that they did not know who was responsible for the attacks, though one source said involvement by North Korea had been ruled out.
Dyn, which runs domain name servers, said on its website that it was subject to a distributed denial of service, or DDoS, attack. Domain name servers translate website names to the numeric Internet Protocol addresses behind them. Dyn, headquartered in Manchester, New Hampshire, is one of the larger companies in that business.
Major internet services including Spotify, Twitter, Paypal, Reddit, the PlayStation Network, Netflix, SoundCloud and a number of media websites were difficult or impossible to reach early Friday.
DownDetector.com, a popular website for checking internet outages, showed a sharp and simultaneous spike in users reporting sites being inaccessible just after 7 a.m. ET and again around noon.
Service providers including Comcast, Cox, Time Warner Cable and AT&T were also affected.
Dyn told CNBC that it was being hit by "tens of millions of IP addresses" Friday afternoon, around 4:15 p.m. ET. They said one of the sources of the attack is devices like DVRs, printers, and other appliances that are connected to the internet, collectively known as the "Internet of Things."
Dyn said normal service was restored just over two hours later. But on its website it reported a new attack as of 11:52 a.m. ET that was still underway a half hour later.
"(We) have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue," the company said on its status update page.
Later Friday, Dyn released a statement saying the third attack "has been resolved."
The extent of the effect was not clear as the attacks unfolded — Twitter experienced partial outages throughout the day.
"The earlier issues have resurfaced & some people may still be having trouble accessing Twitter," the company wrote on its support account at 12:55 p.m. ET. "We’re working on it!"
After four and a half hours of problems, Twitter reported that Dyn had mitigated the attacks and that Twitter was once again available to all its users.
Dyn said it was "still investigating and mitigating the attacks on our infrastructure," though a monitoring issue was resolved, it tweeted shortly after 3 p.m. ET.
On social media, people reported renewed difficulty accessing Spotify in Europe, as well as problems with photos and video on Twitter. DownDetector showed fresh spikes in outage reports for sites including PayPal, Netflix and Pinterest.
The attacks immediately renewed fears about the security of the Internet's core infrastructure, particularly with the presidential election - already the subject of hacking concerns - less than three weeks away.
(Comcast is the owner of NBC parent NBCUniversal.)