Twitter, Amazon, Spotify and Reddit were among a large group of major websites that suffered significant outages on October 21 as a result of distributed denial of service (DDoS) attacks on DNS (Domain Name Service) hosting provider, Dyn. The attack was made possible by enormous clusters of hacked IoT devices like DVRs and cameras. It’s been reported that tens of millions of IP addresses were involved, many of which were linked to Mirai, the same malware strain that was used in the record-breaking DDoS attack on KrebsonSecurity.
GeekWire covered this unique attack, and looked to WatchGuard CTO, Corey Nachreiner, to break it down for readers. Here’s an excerpt discussing what organizations can do to protect themselves from DDoS threats:
“So how can a CTO prevent this against their organization? Well, that’s a somewhat complex problem. In the case of most direct DDoS attacks, which are flooding your infrastructure, I recommend some sort of cloud-based DDoS protection service. There are local DDoS protection appliances, but even they can become overwhelmed with the sheer scale of some of the DDoS attacks today (the latest allegedly reaching 1Tbps).
Cloud or hybrid DDoS solutions handle much of the attack up-stream, distributing some of the load through a large, distributed network, and blocking much of the traffic before it even reaches your gates. That said, today’s DDoS attack was not an attack on NetFlix, Twitter, or others directly… Rather it was an attack on a DNS service that plays a core role on the Internet. If the services you rely on to direct customers to your domain goes down, you can contact your DNS registrar to temporarily redirect your domain to another server until the other recovers. There is little we can do to protect against these services directly, because they are out of our direct control. In short, this is an industry problem. Critical service vendors, like DNS hosters, need to implement strong DDoS protection themselves, as they play a critical part in how the Internet functions.”
GeekWire also included Corey’s comments in a roundup of tech executives’ responses to the Dyn DDoS attacks.
For more information, check out Corey’s Daily Security Byte video on the attacks against Dyn.