Square said there was “no evidence” a cyberattack caused an outage that left customers and small businesses unable to use the payment giant’s technology on Thursday through early-Friday.
The payments technology giant said in a post-mortem of the daylong outage that the issue was caused by a DNS issue. DNS, or domain name system, is the global protocol that converts human-readable web addresses into IP addresses, which allow computers to find and load websites from all over the world.
But if a company’s DNS settings are misconfigured or incorrectly changed, at worst it can cause the entire company to appear as if it’s dropped off the internet. That’s what happened with Square.
“While making several standard changes to our internal network software, the combination of updates prevented our systems from properly communicating with each other, and ultimately caused the disruption. The issue also affected many of our internal tools for troubleshooting and support, making them temporarily unavailable,” Square said in a blog post.
DNS issues are not rare, if anything they’re relatively commonplace because DNS is notoriously complicated and easy to get wrong. There is an adage in cybersecurity circles: It’s always DNS, and if it’s not DNS, it’s probably BGP (a similarly complicated internet protocol that, like DNS, can beset even the world’s biggest companies). Because DNS relies on distributed servers around the world — many offered by internet providers and networking providers — new DNS settings can take anything from a few minutes to hours, sometimes days, to fully propagate globally.
Square did not say more about how the DNS issue went down, and a spokesperson did not respond to a request for comment.
In 2021, Notion experienced a DNS issue that saw the note-taking app fall offline for several hours, prompting the company to tweet at its web host for help. Months later, an outage at Akamai — a major provider of DNS services — was hit by an outage, causing a knock-on effect to some of the world’s biggest sites, including banks and airlines.
That said, cyberattacks targeting DNS services are not unheard of. In 2016, several enormous waves of junk traffic targeting internet giant Dyn knocked the company’s DNS servers offline, effectively taking down Twitter, SoundCloud, Spotify, Shopify, and other major online sites that relied on Dyn’s services. The cyberattack was caused by a huge botnet of hijacked internet devices ensnared by the Mirai malware.