The number of DNS-based distributed denial of service (DDoS) amplified attacks has increased significantly in recent months, according to DNS applications provider Nominum. The firm said that the attacks, performed by hackers targeting vulnerable home routers worldwide, can create tens of Gbps of traffic to disrupt individuals, enterprises, websites and networks.
It found that in February 2014, more than 5.3 million of these routers were used to generate attack traffic. Nominum added that during one attack in January 2014, more than 70 per cent of total DNS traffic on one operator’s network was associated with DNS amplification.
According to the firm, DNS amplification attacks require little skill and effort yet are able to cause a large amount of damage, which is why they are increasingly popular among hackers. It is difficult for ISPs to determine the ultimate destination and recipient of huge waves of amplified traffic, said Nominum, because vulnerable home routers mask the target of an attack.
DNS-based DDoS amplified attacks can impact networks by saturating bandwidth with malicious traffic. They can also generate a spike in support calls due to service disruption, impacting an operator’s costs, and give users a poor experience that causes them to churn, which in turn impacts operators’ revenue.
“Existing in-place DDoS defenses do not work against today’s amplification attacks, which can be launched by any criminal who wants to achieve maximum damage with minimum effort,” explained Sanjay Kapoor, CMO and SVP of strategy at Nominum. “Even if ISPs employ best practices to protect their networks, they can still become victims, thanks to the inherent vulnerability in open DNS proxies.”