Amazon Web Services, one of the world's biggest and most popular on-demand cloud platforms, has come under a distributed denial of service (DDoS) attack yesterday, rendering some of the websites and services unavailable to their visitors and users.
The DDoS attack was confirmed by Amazon and its support agents. It is hard to pinpoint exactly how long the attack lasted, given that the different sites were on and off at different times. In an updated announcement from the company, it was said that the attack started at 10:30AM and lasted until 6:30PM PDT.
The issue has since been resolved.
Even though S3 was most affected, there were other services that felt the sting of the DDoS, including different services that rely on external DNS queries - Amazon Relational Database Service (RDS), Simple Queue Service (SQS), CloudFront, Elastic Compute Cloud (EC2), and Elastic Load Balancing (ELB).
There was no talk about who might be behind the attack.
DDoS attacks are one of the oldest types of attacks against online services and as such, one that has transformed most during the ages. It revolves around a simple premise – if you flood a server with enough data requests, it eventually won’t be able to comply with all of them and will ultimately crash.
There are different methods of mitigating DDoS attacks, most popular being services that can identify and stop trash traffic. However, hackers have evolved their methods and often mix trash with legitimate traffic, making tracking harder.
Nowadays, hackers are also looking to add more IoT devices to their botnets, making DDoS attacks more powerful. Everything from internet-connected TVs, to printers, to smart home devices, are being targeted, compromised, and then leveraged for sinister goals. The Mirai botnet is currently considered the biggest, most dangerous one.