Twitter, Reddit, Spotify Down After Cyber Attack Targets Internet Provider

Users of many other services reported outages as well; The U.S. Department of Homeland Security is investigating 'all potential causes' for attack.

A banner with the logo of Twitter  on the front of the New York Stock Exchange (NYSE) in New York.
A banner with the logo of Twitter on the front of the New York Stock Exchange (NYSE) in New York.Credit: Emmanuel Dunald / AFP

Cyber attacks targeting the internet infrastructure provider Dyn disrupted service on major sites such as Twitter and Spotify on Friday, mainly affecting users on the U.S. East Coast. Services in Israel were also affected.

It was not immediately clear who was responsible and Gillian Christensen of the U.S. Department of Homeland Security said the agency was "investigating all potential causes." 

Dyn said it had resolved one attack, which disrupted operations for about two hours, but disclosed a second attack a few hours later that was causing further disruptions. 

In addition to the social network Twitter and music-streamer Spotify, the discussion site Reddit, hospitality booking service Airbnb and The Verge news site were among the companies whose services were reported to be down. Inc's web services division, one of the world's biggest cloud computing companies, also disclosed an outage that lasted several hours on Friday morning. Amazon could not immediately be reached for comment. 

PayPal Holdings Inc also said that it has experienced some service disruptions due to the cyber attack on Dyn. "This has prevented some of our customers from being able to pay with PayPal in certain regions," said company spokeswoman Amanda Miller. "PayPal was not attacked directly, nor were any of our core services to business impacted in the disruption." 

The attacks were the latest in an increasingly menacing string of distributed denial of service, or DDoS, attacks disrupting internet sites by overwhelming servers with web traffic. 

The U.S. Department of Homeland Security warned on Oct. 14 that hackers were using a powerful new approach to launch these campaigns - infecting routers, printers, smart TVs and other connected devices with malware that turns them into "bot" armies that can launch DDoS attacks. 

"We have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure," the company said on its website. "Our engineers are continuing to work on mitigating this issue." 

Doug Madory, director of internet analysis at Dyn, told Reuters he was not sure if the outages at Dyn and Amazon were connected. 

"We provide service to Amazon but theirs is a complex network so it is hard to be definitive about causality at the moment," he said. 

Dyn is a Manchester, New Hampshire-based provider of services for managing domain name servers (DNS), which act as switchboards connecting internet traffic. Requests to access sites are transmitted through DNS servers that direct them to computers that host websites. 

Dyn's customers include some of the world's biggest corporations and internet firms, such as Pfizer, Visa, Netflix and Twitter, SoundCloud and BT.