Level 3 takes brunt of user ire after Dyn denial of service attack

The dreaded red blob: Screenshot of geographic locations from which users reported outages on Level 3's transport network as of Oct. 21, 2016. However, Level 3 said its networks were unaffected during a multiple-wave DDoS aimed at New Hampshire-based Dyn DNS. Map image: Downdetector.com

Users on crowdsourced outage reporting website Downdetector thought Level 3's network was down Friday during a DDoS attack -- one that really targeted Dyn, a domain name server (DNS) provider based in New Hampshire.

Level 3 said its network is not suffering any from any distributed denial of service (DDoS) attack, disputing user reports made on Downdetector earlier this morning, and saying that the site's information is not accurate.

“The Level 3 network is operating normally,” the transport provider said in a tweet on Friday. “Please note, reports of an outage by Downdetector are not accurate.”

Complaints spiked in the wake of a DDoS attack against another company, Dyn.

RELATED: Level 3’s North American enterprise revenue may fall short of expectations, says Jefferies

Downdetector reported on its site that Level 3 began having network issues at 8:31 AM ET for its managed and internet services.

In this screenshot, Downdetector recorded user reports of an outage on Level 3's network beginning around 8:00 a.m. ET and ramping downward after 11 a.m. on Oct. 21, 2016. 
Attribution/Copyrights
Downdetector

A Level 3 spokesperson later told FierceTelecom in an e-mail that its Security Operations Center (SOC) does not have reports of any issue.

“At this time, we do not have an update,” the spokesperson said. “The SOC is not seeing anything on our network.” 

Solutions architect Ant Stanley of A Cloud Guru Ltd. pointed out in a Twitter post that Level 3's network was more likely "under heavy load" due to a DDoS attack against DNS provider Dyn, which reported it was under attack earlier this morning.

Dyn said that the attack began at 11:10 UTC, or 6:10 AM EDT, and impacted its managed DNS service customers on the East Coast. As a result, a number of websites were offline due to the attack, including Airbnb, Tumblr, Amazon, The New York Times, Twitter and others.

Later, Dyn reported that as of 9:21 AM EDT “services have been restored to normal,” although sites like Twitter were operating spottily a few hours later amid a few Downdetector and Twitter posts that the DDoS attack may have resumed.

Dyn ultimately weathered three waves of denial-of-service attacks involving tens of millions of IP addresses, the company said in a statement issued Saturday. "We are conducting a thorough root cause and forensic analysis, and will report what we know in a responsible fashion. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations," said Kyle York, chief strategy officer at Dyn, in the blog post.