Connect with us

Hi, what are you looking for?

SOFTWARE

Home routers expose ISPs to massive DNS-based DDoS attacks

DNS-based DDoS amplification attacks have significantly increased in the recent months, targeting vulnerable home routers worldwide, finds new research by Nominum.

DNS-based DDoS amplification attacks have significantly increased in the recent months, targeting vulnerable home routers worldwide, finds new research by Nominum.

DNS-based DDoS amplification attacks have significantly increased in the recent months, targeting vulnerable home routers worldwide, finds new research by Nominum.

A simple attack can create 10s of Gbps of traffic to disrupt provider networks, enterprises, websites, and individuals anywhere in the world.

The research reveals that more than 24 million home routers on the Internet have open DNS proxies which expose ISPs to DNS-based DDoS attacks.

In February 2014, more than 5.3 million of these routers were used to generate attack traffic. During an attack in January 2014, more than 70% of total DNS traffic on a provider’s network was associated with DNS amplification.

Advertisement. Scroll to continue reading.

The study also finds that DNS is by far the most popular protocol for launching amplification attacks, with more available amplifiers than the next four protocols combined.

DNS amplification attacks require little skill or effort and cause major damage; this is the reason why they are increasingly popular. Because vulnerable home routers mask the target of an attack it is difficult for ISPs to determine the ultimate destination and recipient of huge waves of amplified traffic.

Nominum recently launched VantioThreatAvert to address the gaps in existing ISP DDoS defenses. The solution leverages Nominum’s Global Intelligence Xchange (GIX), a database of malicious DNS amplification domains that is continuously updated, and Precision Policies, which enable ISPs to pinpoint and neutralize attack traffic. Together they enable ISPs to protect their networks proactively.

Traffic from amplification amounts to trillions of bytes a day disrupting ISP networks, websites and individuals. The impact on ISPs is fourfold:

•    Network impact generated by malicious traffic saturating available bandwidth
•    Cost impact generated by a spike in support calls caused by intermittent service disruption
•    Revenue impact as poor internet experience leads to increased churn or retention expenses
•    Reputation impact as unwanted traffic is directed toward peers

Advertisement. Scroll to continue reading.

“Existing in-place DDoS defenses do not work against today’s amplification attacks, which can be launched by any criminal who wants to achieve maximum damage with minimum effort,” explained Sanjay Kapoor, CMO and SVP of Strategy, Nominum. “Even if ISPs employ best practices to protect their networks, they can still become victims, thanks to the inherent vulnerability in open DNS proxies.”

“ISPs today need more effective protections built-in to DNS servers. Modern DNS servers can precisely target attack traffic without impacting any legitimate DNS traffic. ThreatAvert combined with ‘best in class’ GIX portfolio overcomes gaps in DDoS defenses, enabling ISPs to constantly adapt as attackers change their exploits, and precision policies surgically remove malicious traffic.”

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

OPINIONS

The crackdown against DDoS (Distributed Denial of Service) attacks is like an arms race for enterprises. They are constantly outnumbered by enemies on all...

HEADLINES

Fortinet has announced the availability of its Operational Technology (OT) Security solution for critical infrastructure and industrial organizations.  The new solution integrates ruggedized firewall,...

HEADLINES

A tough road is expected for businesses that rely on digital technology this year as Distributed Denial of Service (DDoS) attacks continue to evolve,...

HEADLINES

Newly released data shows that distributed denial of service (DDoS) and web application attacks are on the rise once again, according to the Second...

HEADLINES

The second quarter of 2017 was proof that long-lasting DDoS attacks are back in business. The longest attack in the quarter was active for...

HEADLINES

The first quarter of 2017 has confirmed the forecasts about the evolution of DDoS attacks made by Kaspersky Lab experts following the 2016 results....

HEADLINES

Kaspersky Lab’s experts have studied the DDoS services available on the black market and determined just how far this illegal business has advanced, as...

HEADLINES

The last three months of 2016 witnessed significant advances in DDoS attacks. Methods are becoming more and more sophisticated, the array of devices being...

Advertisement