Skip to main content

DDoS Attacks Abuse DNS Services

Distributed Denial of Service (DDoS) attacks are a serious threat to an organization’s ability to attract, retain, and interact with customers. Simply put, a DDoS attack is designed to render an organization’s web presence inaccessible to legitimate users by overwhelming the underlying infrastructure with malicious traffic.
ddos
Traditional DDoS attacks are only becoming cheaper and easier to perform. The rise of the Internet of Things (IoT) and growth of cloud computing mean that cybercriminals have easy access to a great deal of Internet-connected computational power. These botnets can be tasked to send malicious requests to a website in volumes greater than the web servers can withstand.
However, the growth of cheap and easily accessible computing power is not the only way in which the DDoS threat landscape is evolving. Cybercriminals are also taking advantage of new tools and techniques to perform their attacks. One example of such a technique is the NXNSAttack. This attack takes advantage of the properties of recursive Domain Name System (DNS) servers to perform a DDoS attack against the victim’s DNS server. If this DNS server is not behind robust DDoS protection, it could become overwhelmed, leaving the organization’s website inaccessible to legitimate users.
The Importance of DNS Infrastructure
When using the Internet, most people don’t type in the IP address of the computer that they are trying to access. Instead, they type a domain name or URL, such as google.com. However, these IP addresses are what the client computer and the routers on the path between the source and destination computers require to ensure that the traffic reaches its intended destination.
DNS is the Internet protocol that enables the translation of domain names to IP addresses. The DNS infrastructure is organized as a hierarchy of servers designed to handle queries for a certain domain. This means that a query to resolve a particular website’s URL may require requests to multiple DNS servers (i.e. .com, google.com, etc.). In order for a website to be accessible to users, they need to be able to convert its URL to the IP address of the server hosting it. This requires every DNS server required to resolve the address to be online and reachable by a computer.
The 2016 DDoS attack against Dyn, a major DNS provider, demonstrates the potential impact of a DDoS attack against DNS infrastructure. During the attack, the servers hosting Dyn’s managed DNS service were targeted by a couple of DDoS attacks from the Mirai botnet. While the service was eventually able to overcome the attack, a significant percentage of the Internet became unreachable during the attack when the service was incapable of resolving the DNS requests of legitimate users.
DNS System Used in DDoS Attacks
DDoS attacks against DNS infrastructure are nothing new, as demonstrated by the 2016 DDoS attack against Dyn. However, the relationship between DDoS attacks and DNS services are not always those of attacker and target. Some DDoS attacks are designed to take advantage of DNS services to amplify the impact of the attack. A recently-discovered attack takes advantage of the hierarchical structure of DNS infrastructure. Recursive DNS servers are designed to pass DNS requests to authoritative servers that sit upstream to resolve the domain name into an IP address. These authoritative servers also have the ability to delegate this authority to other DNS servers.
The new attack takes advantage of this functionality to perform DDoS attacks. In this attack, the attacker will send a DNS request to a DNS server for which the authoritative DNS server is one under the attacker’s control. Upon receiving the request, the attacker’s DNS server will instruct the recursive DNS server to delegate this authority to a long list of fake DNS servers in the victim’s domain. In order to resolve the request, the recursive DNS server will then query the victim’s DNS server for each of these supposed DNS servers. As a result, the victim’s DNS server is hit with a huge amount of traffic from the recursive DNS server, degrading its ability to resolve legitimate DNS requests.
If the victim’s DNS server is unable to handle requests, then attempted visitors to sites within the victim’s domain are unable to translate their URLs to the IP addresses of the victim’s web servers. As a result, the victim’s website can become completely unreachable, and, potentially, employees may lose access to internal services on the corporate intranet if access to these services depends upon the corporate DNS server.
Protecting Against DDoS Attacks
An organization’s web presence is vital to its ability to do business. Customers increasingly prefer to browse and potentially make purchases online rather than visit physical stores. Additionally, many organizations are moving some or all of their customer service functionality to their website due to the increased scalability that it provides.
Cybercriminals have several different methods by which they can take a website offline via DDoS attacks. Attackers can either attack the website directly by sending requests to the web application or target the DNS infrastructure that the website relies upon to route visitors’ traffic to its web servers. As DDoS attacks become easier and cheaper to perform, they are likely to become even more common. Ensuring the availability of the company web presence requires deployment of robust DDoS mitigation solutions capable of identifying and blocking a range of different DDoS attacks.

Comments

Popular posts from this blog

AIRBUS A380 CUSTOM ($500 MILLION) OWNED BY AL-WALEED BIN TALAL

Airbus A380 Custom ($500 million): This is the most expensive private jet in the world, owned by Al-Waleed Bin Talal from Saudi Arabia and a member of the Saudi royal family – House of Saud. Prince Al-Waleed bin Talal has the eighth-highest amount given to charity ($3.5 billion) among the greatest philanthropists. He’s the 50th richest man in the world. He has almost everything gold plated in the plane and comes with a solid gold throne in the middle. The jet is referred to as Kingdom in the Sky and comes with a Turkish bath, a garage where he can park his Rolls Royce and even a prayer room with electronic mat that automatically rotates to face Mecca.

10 BEST DISPOSABLE GLOVES FOR CORONAVIRUS

Note:  When buying anything online, please exercise good judgment especially in case of buying anything for protection against coronavirus also known as COVID-19. Please refer to the  CDC website  for accurate information. As the reaches of Coronavirus continue to spread across the globe, so has the need for care in how one engages with the outside world. Health personnel most especially have started to employ more as they come in contact with different kinds of people every day. If you are not a doctor however but you work in a line where you come in contact with different people and surfaces, you also have to exercise extreme caution in order to protect yourself from contracting the highly contagious virus. To guarantee your safety from Covid-19 then, we bring you the top ten of one of the most essential PPEs you will need in this season, the disposable gloves. Here they are: 1....

What would you do if You were Lock In A Hut For 7 Days, And All You Have Is A Laptop, Internet And ATM Card?

72IG PROGRAM is the Answer. What is this Program? The 72ig program is a training program by Toyin Omotoso hosted on the Expertnaire affiliate platform that trains you on how to make at least N750,000 per month recommending valuable digital products to those in need of them. Toyin was trained alongside the likes of Akin Alabi, Ronald Nzimora, Patrick Ogidi, Fisayo Akinlolu, and more by Dr. Sunny Obazu-Ojeagbase, Toyin has made his mark as a successful internet marketer from Nigeria. Toyin Omotosho When you join Expertnaire via the 72ig program, you automatically join the 72ig Affiliate Marketing program, meaning that if you sell the same product you get 50% commission per sale while ordinary affiliates get just 30%. MORE THINGS TO KNOW ABOUT THE 72IG PROGRAM Price:  You may be unlucky to get at N55,000, but N45,000 with a discount as found using the link below Pros : Created by a respected internet and direct response marketing expert with proven results. Concise, step-by-st...