Distributed denial-of-service (DDoS) amplification attacks based on the Domain Name System (DNS) have increased significantly in recent months, according to a study by Nominum, a DNS and Internet Activity applications provider.
The study revealed that more than 24 million home routers worldwide have open DNS proxies, thus exposing Internet Service Providers (ISPs) to DNS-based DDoS attacks. In February this year, over 22 percent of these routers were used to generate attack traffic.
DNS amplification attacks are becoming increasingly popular as they require little skill or effort to cause major damage. According to Nominum, a simple attack can create tens of Gbps of traffic to disrupt the networks of ISPs, enterprises or individuals. Moreover, it is difficult for ISPs to determine the ultimate destination and recipient of huge waves of amplified traffic, as home routers mask the target of an attack.
ISPs need to protect themselves from becoming victims of amplification attacks, as these attacks consume bandwidth, increase support costs and negatively impact customer confidence in their ISP, said Nominum.
Due to the inherent vulnerability in open DNS proxies, existing in-place DDoS defences are not effective against today's amplification attacks, said Sanjay Kapoor, CMO and SVP of Strategy at Nominum. ISPs therefore need to deploy defence solutions that are "built into DNS servers and can target attack traffic without impacting any legitimate DNS traffic," he added.