The Impact of Recent DDoS Attacks Against DNS Infrastructure

By Stephanie Weagle | October 21, 2016

Posted in: ISP DDoS Protection, Hosting Provider DDoS Protection

Websites across the East Coast were impacted as a result of a reported DDoS attack against a well-known Domain Name Service (DNS) provider’s infrastructure. The online availability of popular brands such as Twitter, Spotify, Basecamp, Netflix and a laundry list of others was impacted.

An attack of this nature is a major warning signal to the Internet community. DNS providers and/or hosts are central to the operation of the Internet, and as we have seen today, DDoS attacks targeted specifically against DNS providers can be especially damaging, not only for the intended victim but also because of the significant collateral damage.

I spoke with Corero’s CTO & COO, Dave Larson, about this latest news, and he provided the following perspective:

“A DDoS attack, regardless of the vector or technique utilized, against a DNS operator targeting a domain or group of domains can effectively shut down service to that domain, as well as any other domains serviced in a particular region.  Innocent bystanders are immediately impacted until the attack subsides or a resolution is put into place. DNS providers are central to the operation of the Internet and must consider DDoS attacks as a critical availability issue and maintain automated mitigation techniques in order to protect their customers from this breed of attack.

Cloud-based DDoS mitigation services which rely on human intervention, and re-routing of Internet traffic in the event of DDoS, will not suffice in these attack situations.”

To fully appreciate the magnitude of DNS’ contribution to the Internet as a whole, one must consider how DNS actually works.

According to DNS provider, Verisign, DNS is a central part of the Internet:

“DNS provides a way to match names (a website you’re seeking) to numbers (the address for the website). Anything connected to the Internet - laptops, tablets, mobile phones, and websites - has an Internet Protocol (IP) address made up of numbers. Your favorite website might have an IP address like 64.202.189.170, but this is obviously not easy to remember. However, a domain name such as bestdomainnameever.com is something people can recognize and remember. DNS syncs up domain names with IP addresses, enabling humans to use memorable domain names while computers on the Internet can use IP addresses.”

DYN, another well-known DNS provider, describes it as:

“A phone book for the Internet. If you know a person’s name but don’t know their telephone number, you can simply look it up in a phone book. DNS provides this same service to the Internet.”

Regardless of the type of DDoS attack, or the vector it takes on, attacks of this nature have serious implications for organizations that are unprepared for the onslaught of attack traffic that ensues. Without an anti-DDoS solution designed to detect and mitigate attacks instantaneously, providers of all types are left to rely on human analysts, legacy technology and out-of-band solutions that cannot detect and provide remedies ahead of service outages and latency.

If you’d like to learn more, please contact us.
