Spike in DNS DDoS attacks impacting operators

The number of DNS-based distributed denial of service (DDoS) amplified attacks has increased significantly in recent months, according to DNS applications provider Nominum. The firm said that the attacks, performed by hackers targeting vulnerable home routers worldwide, can create ten seconds of Gbps of traffic to disrupt individuals, enterprises, websites and networks.

Dawinderpal Sahota

April 3, 2014

2 Min Read
Telecoms logo in a gray background | Telecoms

The number of DNS-based distributed denial of service (DDoS) amplified attacks has increased significantly in recent months, according to DNS applications provider Nominum. The firm said that the attacks, performed by hackers targeting vulnerable home routers worldwide, can create ten seconds of Gbps of traffic to disrupt individuals, enterprises, websites and networks.

Nominum’s recent research reveals that over 24 million connected home routers have open DNS proxies, which expose operators to DNS-based DDoS attacks.

It found that in February 2014, more than 5.3 million of these routers were used to generate attack traffic. Nominum added that during one attack in January 2014, more than 70 per cent of total DNS traffic on one operator’s network was associated with DNS amplification.

According to the firm, DNS amplification attacks require little skill and effort yet are able to cause a large amount of damage, which is why they are increasingly popular among hackers. It is difficult for ISPs to determine the ultimate destination and recipient of huge waves of amplified traffic, said Nominum, because vulnerable home routers mask the target of an attack.

 

The Broadband LATAM conference is taking place on 3rd– 4th June 2014 at the Grand Hyatt, Sao Paulo, Brazil. Click here to download a brochure.

DNS-based DDoS amplified attacks can impact networks by saturating bandwidth with malicious traffic. They can also generate a spike in support calls due to service disruption, impacting an operator’s costs, and give users a poor user experience causing them to churn, in turn impacting operators’ revenue.

Sanjay Kapoor, CMO and SVP strategy at Nominum explains how operators can enhance their engagement with subscribers using DNS capabilities and measure the success of their efforts more effectively.

Sanjay Kapoor, Cmo And Svp Strategy At Nominum Explains How Operators Can Enhance Their Engagement With Subscribers Using Dns Capabilities And Measure The Success Of Their Efforts More Effectively.

“Existing in-place DDoS defenses do not work against today’s amplification attacks, which can be launched by any criminal who wants to achieve maximum damage with minimum effort,” explained Sanjay Kapoor, CMO and SVP of strategy at Nominum. “Even if ISPs employ best practices to protect their networks, they can still become victims, thanks to the inherent vulnerability in open DNS proxies.”

Kapoor added that operators need more effective protections built-in to DNS servers as modern DNS servers can precisely target attack traffic without impacting any legitimate DNS traffic.

Subscribe and receive the latest news from the industry.
Join 56,000+ members. Yes it's completely free.

You May Also Like