If you stop and quiz the average person on the street about the most important building blocks of the internet, they’re likely to mention large websites like Google and Facebook long before they’ll talk about (or even be familiar with) the Domain Name System protocol, a.k.a. DNS. But without DNS, none of the more public-facing aspects of the internet would function the way that they do. In fact, without DNS Google and Facebook wouldn’t be known by their catchy monikers, but instead by a difficult-to-remember sequence of numbers users would have to enter every time they wanted to visit the site in question. For those who don’t know DDoS DNS attacks, it’s essentially a phone book for the internet. Just like looking up a name in a phone book will link a name (say, John Smith) with a phone number (say, +18143522104), so DNS connects the memorable web addresses we type into browsers (for example, www.google.com) with machine-readable IP addresses that look a whole lot more like 52.33.201.245. It’s been a part of the online world since the early 1980s, many years before the majority of users had even heard of the internet — let alone dialled in to see what all the fuss was about.
Unfortunately — but perhaps unsurprisingly — whenever there is a piece of critical infrastructure, there will be cyber attackers who search for ways to exploit it in some way to cause damage. In doing so, they turn what is an invaluable piece of engineering into a potential liability. It’s a timely reminder of why DNS protection matters.
Different Flavors of DNS Attacks
A DNS attack, as its name implies, is a form of cyber attack that involves attackers exploiting security holes in the Domain Name System. There are multiple ways that such attacks can manifest. For example, DNS hijacking or DNS redirection involves a method of incorrectly resolving DNS queries so that traffic is redirected from where it should go and toward a malicious website instead. These are frequently websites that allow or request users to enter sensitive data, potentially enabling attackers to be able to steal this information.
Another attack is referred to as DNS tunnelling, in which the DNS protocol is utilized as a way to tunnel data — possibly including malware — through a client server model. These payloads could be utilized to exfiltrate data by remote controlling servers and applications, along with plenty of other less-than-nice use cases. This tunnelling attack uses the trusted status afforded to DNS traffic as a way to get around both inbound and outbound firewalls, essentially providing a way for bad actors to circumvent defence measures in order to trigger problems.
Yet another attack involves DNS DDoS (Distributed Denial of Service). In this attack, often referred to as DNS amplification, the DDoS attack leverages resolvers as a way of bombarding and overwhelming victims with fake traffic. This is done with the purpose of knocking certain online services or websites offline, rendering them inaccessible to legitimate users.
The Rise of DNS attacks (and Protecting Against Them)
DDos DNS attacks aren’t slowing down, either. According to a September 2021 survey, 72 percent of study participants responding said they had experienced some form of DNS attack within the preceding 12 months. Of the organizations that had been targeted, more than 60 percent said they had been attacked multiple times in this way, while more than 10 percent said they were regular victims of such attacks.
In the region 58 percent of respondents said their business had been disrupted for over an hour, and 14 percent said that it had taken multiple hours for them to recover. In the world of a company operating online, being unable to operate for multiple hours can cost enormous sums of money — not to mention the reputational and other damage that can ensue from such an attack.
Protecting against DDos DNS attacks is essential. Fortunately, the tools are available to help do exactly that. Seek out expertise from cyber security companies who can provide the means by which organizations can block common DNS attacks. These always-on services can help secure websites, applications, and APIs alike against DNS attacks, stopping the attacks mentioned in this article in their tracks. With DNS-targeting attacks only becoming more commonplace, this is among the smartest moves businesses can make. It’s one they cannot make quickly enough.