A denial-of-service attack on a key piece of Internet plumbing took dozens of the world’s most popular websites largely offline Friday morning – and a fresh attack threatened renewed outages in the afternoon.
The White House said it was aware of the situation and that the Department of Homeland Security was looking into it.
Dyn Inc, which runs domain name servers, said on its website that it was subject to a distributed denial of service, or DDoS, attack. Domain name servers translate website names to the numeric Internet Protocol addresses behind them. Dyn, headquartered in Manchester, New Hampshire, is one of the larger companies in that business.
Major Internet services including Spotify, Twitter, Reddit, the PlayStation Network, Netflix, SoundCloud and a number of media websites were difficult or impossible to reach early Friday.
DownDetector.com, a popular website for checking Internet outages, showed a sharp and simultaneous spike in users reporting sites being inaccessible just after 7 a.m. ET.
Service providers including Comcast, Cox, Time Warner Cable and AT&T were also affected.
Dyn said normal service was restored just over two hours later. But on its website it reported a new attack as of 11:52 a.m. ET.
“(We) have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Our Engineers are continuing to work on mitigating this issue,” the company said on its status update page.
On social media, people reported renewed difficulty accessing Spotify in Europe, as well as problems with photos and video on Twitter. DownDetector showed fresh spikes in outage reports for sites including PayPal, Netflix and Pinterest.
The attacks immediately renewed fears about the security of the Internet’s core infrastructure, particularly with the presidential election – already the subject of hacking concerns – less than three weeks away.