A distributed denial of service attack Wednesday left consumers in northern California unable to access web sites that use the Internet domain name system operated by Neustar Inc., the company says. The sites included Amazon.com, according to the retailer.
The attack reportedly prevented consumers from reaching several major e-commerce sites, though a Neustar spokesman declined to confirm any impact on particular sites and noted that Neustar rectified the effect of the denial of service attack within “well under an hour.”
But a Twitter communication by Jeff Barr, Amazon.com Inc.’s senior manager, web services evangelism, noted that the attack on Neustar’s UltraDNS domain name system “took down” Amazon’s S3 Simple Storage Server and Amazon’s EC2 Elastic Compute Cloud service as well as Amazon.com. Amazon’s EC2 provides Internet-based computing services.
Efforts to reach Barr for direct comment were unsuccessful. But the retailer notes on its Amazon Web Services Health Dashboard web site that its S3, EC2 and Amazon Private Cloud operations experienced issues with the domain name system. Amazon Private Cloud also provides Internet-based computing services.
The dashboard notes that Amazon identified problems with the domain name system on Dec. 23 between 5:43 p.m. and 6:19 p.m. Pacific Standard Time, and that the issues were resolved the same day between 6:38 p.m. and 6:40 p.m.
Neustar released the following statement on Dec. 24: “At 7:45 pm East Coast Time yesterday [Dec. 23] we noticed an abnormal spike in queries and immediately identified it as a distributed denial of service attack. We analyzed the patterns and were able to place mitigation measures in place within minutes of identifying the attack.
“We had everything under control well under an hour. The attack was limited to Northern California Internet users. All along the way we were proactively communication to our customers to let them know exactly what was happening and the steps we were taking.”
A domain name system translates the popular names of web sites, such as Amazon.com and Walmart.com, into the numerical identifiers that ties the addresses to the web servers on which a web site operates. In effect, a domain name system directs traffic from branded web site addresses to the actual servers supporting the requested web sites.
In a distributed denial of service attack on a domain name system, computer network hackers send many requests to connect to web sites, overloading the system and causing it to function slowly or sporadically, if at all.
Amazon is No. 1 in the Internet Retailer Top 500 Guide (a PDF version of the company’s financial and operating profile can be ordered by clicking on its name).