Square, the renowned payments technology giant, has successfully addressed a recent daylong outage that left customers and small businesses unable to utilize its services. Square has denied a cyberattack as the cause of the disruption. Instead, the company’s post-mortem analysis points to a DNS issue as the root cause of the problem.
The DNS Dilemma
Square determined that the root cause was a DNS issue during the outage. DNS, a worldwide protocol, is essential for converting human-readable web addresses into the numerical IP addresses needed for computers to access websites worldwide. Misconfigured or improperly altered DNS settings can cause an organization to vanish from the internet, as seen with Square.
Square’s blog post explained that the outage occurred during routine updates to its internal network software. The updates disrupted communication within the system, causing widespread issues. During this period, several of Square’s internal tools for troubleshooting and support were temporarily unavailable.
DNS issues are not an anomaly; they are relatively common due to the intricate nature of DNS configurations. It’s often joked in cybersecurity circles that “it’s always DNS.” This quip underscores the challenges associated with DNS setup.
Similarly, the Border Gateway Protocol (BGP), another complex internet protocol, can disrupt even the world’s largest companies.
Past Cyberattacks Targeting DNS
While DNS issues are a recurring challenge, cyberattacks targeting DNS services have also occurred. In 2021, Notion, a popular note-taking app, experienced a DNS issue that resulted in several hours of downtime. One of the most notable cyberattacks targeting DNS services occurred in 2016 when Dyn, a DNS provider, was attacked. A massive botnet infected with Mirai malware caused massive DNS server disruptions, causing significant downtime for popular online platforms like Twitter, SoundCloud, Spotify, and Shopify.
While Square has successfully resolved its recent outage caused by a DNS error, this incident sheds light on the intricate nature of DNS configurations and their potential to disrupt even the most prominent technology companies.