DDOS & Another Typo Brings Down Web

Human Error and Tactics Taking Down Internet

Steve Smith talks about the Amazon S3 outage, and DDOS attack that took down part of Godaddy, and DYN.

Episode #7-27 released on March 4, 2017

Watch on Youtube

This week is Godaddy's and Amazon's turn. In Amazon's case yet another typo takes down a huge portion of the Internet. I am referring the AWS service, which owns 40 percent of the cloud services market, which means many companies rely on them for their web-sites, online services, applications, and more. In the case of Godaddy, their East Coast outage was the result of another DDOS attack.

What cause the Amazon server outage on Tuesday in the first place?

Human error, an employee of the S3 team was attempting to create a small subset of offline servers to work on a bill system issue. This is a normal protocol, ask any web developer worth their weight in Gold. While, the process is standard, a simple type in a command resulted terminate with the removal of a larger subset of servers, resulting in the server outages we experienced on Tuesday. Now, despite a long track record of server reliability, Amazon further indicated that the tool responsible for the service black out will have its capacities scaled back to prevent this kind of event from occurring at this scale in the future. And future more, they'll be taking this event in consideration and bettering the rest of the infrastructure and improve its systems.

What happened to take down Godaddy on the East Coast?

A series of three DDOS attack resulting from millions of unique IP addresses resulting in a sophisticated and complex targeted attack on Dyn's Internet directory servers took out the East Coast of United States of DNS servers, also, leading the West Coast being offline as well. Yet, another Botnet attack brought about by Mirai and other Botnets using infected IoT devices in a much more challenging to mitigate attack against DYN than they are used to seeing. An attack so devastating that event Cloudflare experienced errors along its own network. To give you a good idea of what was happening, the servers that were being targeted were the address books of the Internet. If a domain name server you rely on to connect to web-sites is offline, even if the actual server you wish to access is online, you will be unable to connect to said server to begin with.

What can we take from these supposedly unrelated incidents?

Coding practice and planning are important. In the case of Amazon, a set of normal protocols lead to downtime. In the case of Godaddy, DYN, and many others bad software implementation lead the way to the creation of Mirai Botnet, and many others. Solve bugs before coding, think about implementation and device security. Good coding practices lead to a safer Internet.

Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net

Sources & Resources