Yesterday we saw a massive DDOS attack against a crucial piece of internet infrastructure the DNS ( Domain Name Service) the DNS is responsible;e for name resolution, for example, resolving google.ca to its IP address. Without this service, a user would need to remember the IP address of their favorite website.
Yesterday a major hosted DNS provider ( DynDNS) was attacked with a massive DDOS attack this attack was aimed at flooding the DYN network with as much garbage traffic as possible.Since most top tier websites rely on services such as DYN’s hosted DNS when the DYN network got impacted by the attack it also impacted the DNS servers for websites such as Spotify and Etsy as well as many smaller websites such as blogs and home user websites this took out a huge chunk of websites on the east coast of the US.
This issue has been flagged many times by security professionals the fact is these DDOS attacks are getting bigger and bigger. Since now attackers are leveraging IOT devices such as unsecured DVR’s and home routers with lackluster security.
Just recently we saw a 100Gbps attack against Krebs this attack and others like it may be what we see as a new norm. As these attacks become more frequent administrators and network operators need to ready themselves with a plan of action should they fall victim to an attack
As a general recommendation from myself and many other security professionals, we need to raise more awareness on the security issues with IOT devices some devices especially home routers are not kept up to date with security updates and often contain many vulnerabilities in them which allow attackers to leverage the device in a DDOS
Consumers should be educated on basic security settings and best practices.But there is also the need for vendors to step up and patch holes in their products and perform more stringent code reviews for security risks.