This means nothing is visible. The pages can all be there, but “you can’t get there from here.”
The National Institutes of Health (nih.gov), the National Library of Medicine (nlm.nih.gov), the clinical center (cc.nih.gov) and the National Cancer Institute (cancer.gov) ** have all been taken offline. Trying to connect generates a “server not found” type error. That means you (the client) can’t find the server out on the Internet. This connectivity problem is affecting multiple institutes in the NIH.GOV domain, NIMH, NINDS, NIAID, etc. although people are reporting they can still see PubMed (pubmed.ncbi.nlm.nih.gov and ncbi.nlm.nih.gov/pubmed). Some see one, but not the other.
Request: If you are able to load a site linked above, please put it in the comments. Also give your local time and the state you are in and your ISP. If you have VPN, check using an East Coast and a West Coast server to see if you get same results.
This means all the web access and email access have been cut. Millions of pages have been made unreachable with a few keystrokes. All the email accounts using those domain names are presumably also unreachable.
Request: If you know someone with an nih.gov email, send them a note. Let’s see if they get it. If you have an nih.gov email account, check and see when the last email came in. Please post any results in the comments.
The attack is at the level of DNS (domain name server) and requires authenticated superuser administrator privilege.
About 5% of worldwide traffic to health sites goes through a domain associated with NIHThere are over 500,000 external sites linking to NIH. Those are hospitals, clinics, research facilities, both in the US and abroad. The same is true for the Library of Medicine. The same is true for the National Cancer Institute.
This is an insider attack. The only people who can change those records are authenticated network administrators with superuser privileges on the network. The United States government is now being attacked from inside. Here is a link to a tool you can use to verify this yourself. Is It Down?
NOTE: Some people are still seeing some pages. This is likely due to your local name server not having updated yet. The internet is a big place, changes to these fundamental records have to propagate. Imagine if we were in two places in the galaxy. A star goes out. You are 1 light year from it, I am 10 light years from it. You will see it go out before I do. That’s what happens when DNS records are updated. If you are doing this on a phone, simply turn off your wifi connection and try using the carrier to see what I am talking about.
** ERRATUM I originally had the URL to National Cancer Institute as NCI.GOV. The correct URL is CANCER.GOV
FINAL UPDATE [21:00 ET]: All NIH sites are now visible to the Internet, regardless of what tool or location you are accessing from. I want to thank everyone who took the time to comment and report in. The contemporaneous reporting in the comments leaves a clear record that something highly unusual happened in an extremely sensitive administrative domain responsible for managing a key national asset. The significance of that is currently unclear. Time will tell.
Like many people here, I have been horrified watching things unfold over the last few weeks, particularly in the information infrastructure area. That makes me biased. Mindful of my bias, and given my confidence in the wisdom of the group assembled here, I decided to post my concerns so other people could weigh in as a reality-check. The responses I got were every bit as helpful as I had hoped. Thank you all for taking the time to respond and adding your own insights. There were a lot of comments, I tried to address all of them. If I missed any, I apologize.
Unfortunately, nothing that happened today gives me reason to lower my guard. Absent any new developments, I am going to consider the matter closed. However, I am leaving this up as a contemporaneous record of events in case we need to revisit the issue in the future.
Thank you all.
Good night and good luck!
