Increase in DNS Based DDoS Attacks

Over the last few years, the Internet of Things (IoT) has expanded into all areas of our lives.A recent report predicted that there are over 8 billion devices potentially connected this year, whcih would grow to over 20 billion by 2020.

Although the IoT will bring us many benefits there is also the potential for some huge security risks.

Earlier this year for instance a US college was attacked by malware that attacked over 5000 connected devices from printers to vending machines.The college servers were overwhelmed with fake DNS queries which crippled their network for some time.

We’ve of course seen these sort of DDoS attacks on many high profile services like Twitter and Paypal recently.Many attacks are utilising connected digital devices like TVs, cameras and media players to create DDoS attacks. There are millions of these devices online and they are rarely protected to the same extent as laptops and PCs are.

The attacks were different but focused on exploiting DNS, which highlights how critical it is to virtually anything connected to the internet. There are even other avenues where DNS is being modified and used in slightly different ways for instance in this article – Smart DNS or VPN. Not only are DDoS usually the easiest attacks to set up, they also can cause the most damage.They are even effective against the larger companies, as demonstrated in the Dyn attacks which caused a lot of financial damage.

The DDoS attacks have to be made more difficult, at the moment DNS infrastructure almost acts as an enabler. Once in control an attacker can send queries to name servers across the world. If they pretend to use the IP address of their target, then the responses will be sent to that target, causing the DDoS attack.
Attackers set up botnets consisting of thousands of these network enabled devices. They don’t need to be powerful, thousands of false DNS requests being spoofed from phones and other devices will cripple the fastest server being attacked.Many people are actually unware that their devices are even involved or connected to the IoT.

It’s often difficult to tell, harder still to see if they are vulnerable and methods to secure them often unavailable.Many of these devices are created by a myriad of manufacturers and sometimes they even contain hard coded passwords which can’t be changed! Lots of devices involved in the DYN attack were exploited because of a default or standard password which had never been changed.

Although security concerns have become more important for standard PCs and laptops, the security risks are rarely consider when selling a cheap internet enabled camera or similar device.To write secure code on these cheap devices would add significantly to development costs. Which is why many device manufacturers tend to ignore these requirements for security.

As the billions of connected, insecure devices grows we’re likely to see many more DDoS attacks from larger and larger botnets of these devices.

Linked Article – How to Watch UK Netflix Abroad

Leave a Reply