• Latest
  • Trending
Defending DNS Against DDoS Attacks to Protect

Defending DNS Against DDoS Attacks to Protect

December 7, 2021
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
Fibre optic interconnection linking Cameroon and Congo now operational

Fibre optic interconnection linking Cameroon and Congo now operational

July 15, 2022
Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

July 15, 2022
Airtel Africa Purchases $42M Worth of Additional Spectrum

Airtel Africa Purchases $42M Worth of Additional Spectrum

July 15, 2022
Huawei steps up drive for Kenyan talent

Huawei steps up drive for Kenyan talent

July 15, 2022
TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

July 15, 2022
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
Top 10 apps built and managed in Ghana

Top 10 apps built and managed in Ghana

July 15, 2022
MTN Group to Host the 2nd Edition of the MoMo API Hackathon

MTN Group to Host the 2nd Edition of the MoMo API Hackathon

July 15, 2022
KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

July 15, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Wednesday, 8 February, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Defending DNS Against DDoS Attacks to Protect

by ITECHNEWS
December 7, 2021
in Opinion
0 0
0
Defending DNS Against DDoS Attacks to Protect

Recent research shows a record-breaking number of DDoS attacks took place in the first half of 2021.  Estimated at 5.4 million, this represents a rise of 11 percent year-on-year. This increased frequency is coupled with ever-evolving attack strategies designed to find exploitable loopholes that allow attackers in. 

DDoS attacks are not new, but this doesn’t make them any less of a threat. In fact, for many organizations, along with the detrimental impact on their reputation, the financial costs in terms of overages, a drop in production and missed revenue due to downtime can reach into the hundreds of thousands depending on the length of the attack.

YOU MAY ALSO LIKE

Making Biometrics Work: 3 Ways To Jumpstart the Process

How to prevent cyberbullying: Keeping students safe

The pandemic has heightened our reliance on digital services to do everything from work to shopping to entertainment and has presented rich pickings to attackers. Once attackers were motivated by creating maximum disruption and potentially damaging the companies they targeted, they increasingly launch attacks in the expectation they would be paid to desist.

In general, however, DDoS attacks have flourished due to the plethora of new devices, the expansion of networks that can be targeted and the ease with which bad actors can access attacks through the dark web. 

The Inextricable Link Between DDoS and DNS

Many DDoS attacks attempt to overwhelm a DNS server with queries to render it so inundated that it cannot respond to legitimate requests.  Attacks can target different layers of application architecture, one of which is DNS. Still, they share the same strategy and, if successful, the sheer volume of traffic will render the server and all the websites and applications connected to it inaccessible or inoperable. Typically, “botnets” or large groups of compromised devices ranging from home routers to ‘smart fridges’ are used to flood the targeted server remotely.

The DNS is the main point of control when it comes to orchestrating cloud services and application traffic. Organizations rely on it to provide high-performance digital services to users in the right location at the right time. It’s no coincidence that over the past eighteen months, many of the high-profile companies hit by DDoS attacks have been those we were most reliant on during the pandemic. In April, Microsoft said that its Azure DNS service was overwhelmed by an attack that caused a global outage making vital online services, such as Office, Teams, Skype and Xbox Live, impossible to access. Two months later, Amazon reported that it had fended off the most significant attack in history.

Using Resiliency, Anycast and Filtering to Prevent DDoS Attacks

Any organization hosting a website and providing a service via the internet is susceptible to attack. The goal isn’t to stop the attack but to mitigate the impact when it happens.

Companies can build resiliency by ensuring always-on, redundant DNS is in place. This allows a second DNS network using separate infrastructure to be deployed in an attack that compromises the primary DNS. Overprovisioning or using Dedicated DNS will also help to absorb traffic spikes.

Another solution is to leverage anycast DNS protocols. These enable DNS requests to be diverted to an available server to guard against the impact of an attack on resources or due to cloud resource overload or CDN outages which many providers have experienced over the last year. In addition, companies can make use of real-time data about network conditions to dynamically load balance between resources in the event of traffic spikes due to attacks. 

Another consideration is to use authentication and access management tools, such as two-factor authentication and single sign-on. Companies that deploy scripts or APIs to update DNS must use strong authentication keys and restrict key usage to valid sources only (i.e., IP whitelisting for DNS registrars, DNS control panels and APIs). Analytics enable companies to audit any changes to sensitive DNS records and tie audit logging of their DNS vendor into their SIEM or other monitoring systems.

Given the costs that companies so often face because of DDoS attacks, planning ahead is wise. DNS providers can help by offering overage protection to help with unexpected cost increases due to attacks and delivering peace of mind ensuring you have a backup plan.

Building DNS Defense Against the Rising Tide of Risk

Certainly, DDoS attacks will continue to rise. They are cheaper and easier for bad actors to carry out, while simultaneously, our increasing dependence on digital services makes their potential impact even more catastrophic. 

DNS should be pushed up the security agenda, encouraging the C-suite to acknowledge the threat and reconsider the options available to shore up the DNS. No organization can afford the risks of poor performance or outages, so the availability and stability of DNS deployments must be safeguarded. There’s no room for compromise, given the threat to revenue and reputation.

Ryan Davis CISO, NS1

ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022

Recent News

  • Inaugural AfCFTA Conference on Women and Youth in Trade September 6, 2022
  • Instagram fined €405m over children’s data privacy September 6, 2022
  • 5.7bn data entries found exposed on Chinese VPN August 18, 2022
  • Fibre optic interconnection linking Cameroon and Congo now operational July 15, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version