Home > Cyber News > DDoS Attacks on Internet’s DNS Root Servers, Offender Unknown
CYBER NEWS

DDoS Attacks on Internet’s DNS Root Servers, Offender Unknown

by   |  Last Update:  |  0 Comments  

A rare DDoS (distributed denial-of-service) attack has been registered on the Internet’s DNS root servers.

More particularly, four nodes – B, C, G, and H – have been affected by slight timeouts. Two different attacks have been carried out by an unknown cyber crime group, as reported by RootOps. The first attack took place on the 30th of November, and continued 160 minutes. A second, shorter attack has happened on the 1st of December, which lasted only 60 minutes.

The DDoS Attacks Explained

Experts are reporting that the attacks were authentic DNS queries, addressed at one domain during the first attack, and at another one during the second attack.

The two attacks caused about five million queries per second per DNS root name server. The bad news is RootOps will most likely be unable to discover the attackers. One reason is that IP source addresses are easily spoofed. Furthermore, the source IP addresses applied in these DDoS scenarios were spread in a skillful and arbitrary manner throughout the IPv4 address space.

This is how the attacks were discovered:

Visibility of this event came about as a result of health monitoring by DNS root name server operators and other monitoring projects around the Internet. Often these are in the form of “strip chart” graphics showing response time variance of a periodic simple query against some set of servers, including DNS root name servers. Such test traffic may not be indicative of what happens to normal traffic or user experience.

The good news is no severe damage was done. The two DDoS attacks mainly led to a delay for some users making DNS queries through their browsers, FTP (File Transfer Protocol), and SSH (Secure Shell).
Due to the intertwined DNS structure, when one server isn’t responsive, other servers interfere and supply a DNS query result.

How to reduce the risk of DDoS attacks?

This is the advice given by RootOps :

Source Address Validation and BCP-38 should be used wherever possible to reduce the ability to abuse networks to transmit spoofed source packets.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. DNS Unlocker PUP (Adware) – How to Remove It and Stop Ads This article has been made with the idea in mind...
  2. DNS Unlocker Ads 2016 Removal Update DNS Unlocker is a very intrusive and aggressive adware program....
  3. DNS Unlocker Mac Ads Virus Removal Guide What Is DNS Unlocker for Mac DNS Unlocker Mac is...
  4. NXNSAttack: Severe DNS Vulnerability Can Cause DDoS Attacks Another day, another discovery of vulnerabilities. A new malicious attack...
  5. Remove Ads by DNS Unlocker and Dnspalenville.exe An extremely aggressive and intrusive adware, DNS Unlocked has been...
  6. DNS Unlocker Description and Removal Steps This article aims to explain to you what is the...
  7. DNS Unlocker Ads “Virus” – How to Remove It (Update 2018) This article has been created in order to help explain...
  8. New ‘Pulse Wave’ DDoS Attack Scheme Discovered Previous servers thought to be secure have been discovered to...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree