Since this morning, many internet users have had trouble reaching dozens of major websites, including Twitter, Reddit, Spotify, and CNN. The culprit seems to be an attack on the domain name system, or DNS, a little-known part of infrastructure that plays a crucial role online.
This morning, someone — it’s not clear who — began flooding a popular DNS provider, called Dyn, with fake traffic. The attack overwhelmed its servers and brought DNS service to a grinding halt for a few hours. Dyn says it resolved the problem this morning but the attacks resumed later in the day.
When your computer tries to connect to a site like Twitter, its first step is to do a DNS query to find out the numeric IP address for Twitter’s server. But if the site uses Dyn as its DNS provider, your computer may not have gotten a response. So even though Twitter’s web servers might have been working perfectly, you wouldn’t have been able to read the site.
Not every user had problems this morning. One reason is that most internet service providers run their own DNS servers that keep local copies of frequently accessed domains. If Twitter’s main DNS server isn’t responding, your computer — or a computer run by your ISP — may still know Twitter’s IP address because it looked up the address a few hours earlier.