Ecommerce

Impact of the National DNS Website Attack on Retail Brands & Cart Providers

By Tinuiti Team

Oct 22 2016

On Friday, hackers sent out two major “denial of service” (DDos) attacks, blocking access to dozens of major websites including Amazon, Paypal, Shopify, and Etsy. The attack targeted the servers of Dyn, a cloud-based Internet Performance Management (IPM) company.

Essentially what happens when a Dyn host is down, domains (ex: www.yourdomain.com) don’t know where to connect – which prevents shoppers access to websites & checkouts.

Even if your ads were up and running, it’s possible that shoppers who clicked on your advertisement were not able to view a product, your website or complete the checkout process due to errors created as a result of the attack.

An attack of this magnitude can create problems between websites – example if your website offers Paypal as a checkout option.

The National DNS Website Attacks – What Happened?

As indicated below, the first attack was reported at approximately 11:10 UTC by Dyn, with a second attack shortly after:

According to a CNBC article, “Internet traffic company Dyn told CNBC late Friday the third cyberattack it’s faced today “has been resolved.”

“The report said Dyn’s engineers were able to mitigate each attack and restore service shortly after the incident.”

The National DNS Website Attacks – Who Was Impacted?

Below is a heat map (by DownDetector) indicating the Internet outages impacted by the service attack:

capture

isitdownrightnow.com – a site that monitors the status of your favorite websites and checks whether they are down or not also revealed a spike in down sites today:

Amazon (one of the many websites impacted) released the following statement, shortly after the second attack:

For some business owners (as seen in Shopify’s Facebook page) the attack sent them into a frenzy – with little support and nearly no answers as to how to get their site(s) back up and running:

How Were Retail Brands Impacted?

On Friday afternoon (3pm PST), CPC Strategy ran an analysis of our Google AdWords client accounts to see if there was any significant change in clicks, impressions, or conversions.

The chart below shows data October 1 to 21, 2016:

As you can see, the average total conversion rate from October 1-20 was 3.0095%.
On Friday, at 3pm we only saw a conversion rate of 2.10%.

Of course, you have to keep in mind this was not a full day of data (just yet) and those numbers are likely to change but judging from the early analysis – it’s evident the attack had an impact on our retail conversion rates.

What does this drop in conversion rate tell us?

Although ads were still being served, it’s likely that when shoppers clicked on an ad they were unable to load the product page or website and could not access the checkout process.

As a result some retailers made the decision to pause their campaigns rather than risk wasted clicks or ad spend during the attack.

The Department of Homeland Security told CNBC that it is ‘looking into all potential causes’ of the attack.

As of now, the websites impacted by the DNS attack include: