![]() ![]() There are several different types of DDoS attacks, including traffic amplification, subdomain attacks and DNS floods. Distributed denial-of-service or DDoS attacks, where hackers aim network traffic to clog up web servers and bring them down.Each one has a slightly different set of circumstances: He catalogs the ways that DNS is used to lie about these lookups for various reasons, and some of these lies take the form of several different kinds of DNS-based attacks. ![]() Huston’s 2020 blog post covers several factors that have changed with DNS, and one of the most important is trusting what it says when it performs its address lookups. These flaws would enable attackers to take control of millions of different devices running these operating systems. Called NameWreck, it involved a series of nine vulnerabilities affecting four different TCP/IP protocol stacks, including flaws uncovered in two critical remote code execution issues in Nucleus NET and FreeBSD and a denial-of-service flaw in NetX. Perhaps one of the more complex and compound exploits was seen in 2021. The Facebook seven-hour network outage experienced in October 2021 cost the company at least $60 million in lost ad revenue, and its stock price dropped 5% as a result. Each successful attack costs the business, on average, $942,000.Īnd “no DNS means no business is conducted,” the report concludes. In a study from last year by IDC (summarized in the adjacent graphic), 88% of organizations have experienced one or more DNS attacks on their business, with an average of seven per year. And with millions of malicious domains being created each month, as was recently reported from Akamai Technologies Inc., there is a lot of potential network traffic from victims that could be directed by an attacker’s DNS. DNS has become the great hacking playscape where network infrastructure can be compromised with just a few packets, and exploits are regularly found. This shift, especially as superclouds, containers and multiple application collections create and destroy virtual instances millions of times a day, puts tremendous stress on the DNS infrastructure. Without a fully functioning DNS, the workloads and workflows can easily get in trouble: packets disappearing or dropped, malicious software supply chains taking control, and web servers brought down, requiring restarting or, worse, rebuilding before they can return to production.Īll that means organizations depend on DNS more than ever to connect the various computing bits and pieces across the internet, which makes it very noticeable when DNS gets in trouble - and for many businesses, this does happen sometimes. Huston is chief data scientist for Australia’s internet agency Asia Pacific Network Information Center and has written extensively on DNS issues. Those days are so over now, especially as the internet has “shifted to a client/server network model, where clients initiate connections and servers respond, and clients don’t require a permanent assigned address,” as Geoff Huston wrote in a 2020 post on the evolution of DNS. Typically, the keeper of each corporate DNS was a single person, who didn’t have a lot of demands or changes to make. That time also had mostly on-premises computers, so keeping track of things was much simpler. That worked for a time when a device was mapped to an IP address. Remember printed phone books? If you know the alphabetic name, you can look up the numbers. DNS has been around for decades, dating back to when Paul Mockapetris, now chief scientist at ThreatSTOP Inc., wrote numerous internet protocol standards back in the 1980s.īack then, IP networks had very different roles for people and machines, which made DNS the intermediary. The DNS protocol is essential to almost every internet service and is used to translate alphabetic domain names, such as, and a set of numerical internet protocol addresses, such as like 35.91.118.127, back and forth so that they have meaning both for humans and for machines and software. There are more targets, more bandwidth and more automated tools to launch attacks, making it easier for the bad guys to cast a wider net with more destructive power. ![]() ![]() One reason has to do with the expansion of the internet. A new kind of denial-of-service attack called Water Torture is the most recent, but earlier this year has seen other DNS-based attacks on Telsa’s network in January and a new malware toolkit called Decoy Dog that targeted business networks. Recent events have once again brought issues involving the DNS, as it’s called for short, to the forefront. The foundational Domain Name System, essentially the phone book for the internet, used to be something nobody using the net much noticed, but lately it has become more of a target, and the cost of attacks against it are huge and growing. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |