The latest research from Kaspersky reveals just how easy and profitable it is to carry out large-scale DDoS, or denial of service, attacks. Running an attack can cost as little as $7 an hour, while inflicting damages ranging from thousands of pounds to millions. To date, they have crippled numerous organisations by severing internet services, such as with the DYN DNS attack which was bombarded by the Mirai botnet using over 150,000 compromised devices.
EfficientIP’s 2016 Global DNS Threat Survey additionally revealed the worst type of DDoS is DNS-based attacks. They believe:
- Using traditional firewalls to secure DNS servers is putting services and data in the danger zone.
- Massive attacks can quickly swamp overwhelmed systems based around traditional firewalls.
- DNS-based DDoS attacks are particularly easy to execute and THE main source of data exfiltration.
- Techniques used by attackers, like DNS exfiltration and DNS tunneling tools, are now commonly used and have been added to the toolkits of attackers.
In a world where networks are increasingly complicated and risky, a modern DNS not only simplifies things, it’s also its own police force; it ‘serves and protects’.