The massive Dyn cyber attack: the question of hybrid DNS technology to protect your company’s computer system

On Friday, October 21, 2016, a cyber attack of rare scope targeted Dyn, an American DNS centralization service, and prevented millions of internet users from accessing many major sites hosted in the US, including Twitter, Spotify, Amazon, eBay, Airbnb, Netflix, Soundcloud, and media sites such as the New York Times, Boston Globe, The Guardian, and CNN.

Wooxo's blog


The event caused great alarm among the government authorities, who were faced for the first time with a disaster that had only been imagined in fiction up to then.

Attacks capable of paralyzing an entire population of internet users, telecommunications network, or electrical grid? This is the new face of cyber warfare, both military and economic.

What can we do to avoid these new threats–paralyzed servers, denial of service, websites knocked out–and protect ourselves against new forms of computer attacks?

The attack against Dyn was just a trial run; the masterstroke is still coming! 

 

To date, no one has claimed responsibility for the attack on Dyn or made any demands (ransoms, threats, etc.). And that’s exactly what worries us! The worst could be yet to come.

The hackers used the denial of service (DoS) technique, which is designed to take down the services of an organization, be it a company, government website, or social network. In this case, they overloaded Dyn’s services with login requests sent by “botnets,” networks of millions of connected objects that have been hijacked and used as “zombie” machines without their owners’ knowledge. This ultimately saturates the targeted server until it no longer responds, freezes, and takes down all the sites it hosts.

While criminal cyber attacks generally focus on DNS servers (which record our web browsing activity and direct us to our favorite sites), the scope of the recent attack is explained by the fact that its victim, Dyn, manages a quarter of the world’s DNS addresses. None of the end sites (Twitter, Spotify, etc.) seemed to be the hackers’ direct target, but hitting a single centralized target knocked them all down like dominoes.

 

 

This attack shed light on the risks posed by the growing popularity of connected objects, which are used to build the botnets. While objects such as a connected refrigerator, coffee machine, or surveillance camera seem completely harmless at first glance, their low production cost means that they are easy to hack. Once infected, they can easily be pirated and used as “zombie” machines. Together, this armada of millions of objects represents a formidable potential strike force for cybercriminals wishing to mount an attack. Keep in mind that there are already 6 billion connected objects in service around the world, a number which will climb to 20 billion within the next 5 years.

Lessons learned from the Dyn attack: how to protect against a repeat

 

ZDNet consulted several experts to answer the question. Computer abuse, viruses, crashes, service unavailability and lost data, economic losses and damage... How can we protect ourselves against these attacks and minimize risks?

 

The experts offered a range of responses, including:

  • the importance of a well-designed website architecture: “There is no miracle solution to prevent these attacks. But it does depend heavily on how the website is constructed. Some sites are particularly fragile from this point of view,” explains Laurent Izac, Dynatrace performance expert. “If you have links to Amazon, Twitter, or Facebook and those services are affected, your site will be too. Naturally, the idea is not to do without these services, but rather to organize the site architecture so that it can still operate in a degraded mode”;
  • choosing the right DNS servers: opt for hybrid DNS technology, which allows you to have a redundant infrastructure. “Redundancy is a way to avoid the single point of failure,” explains Hervé Dhelin of EfficientIP. The concept involves adopting a hybrid infrastructure that uses both an in-house DNS server and a DNS service provided by another operator. The principles that Wooxo firmly supports for data backups apply equally to DNS. Hybrid is the best solution! For more on the topic, read our article on dedicated appliances;
  • securing your connected objects with security patches, strong passwords and other measures to protect your firmware against potential attacks.
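
To make the hybrid DNS recommendation concrete, the following added example (not code from Wooxo or from the experts quoted) audits a list of NS records and flags zones whose name servers all belong to one operator. The zone names, operator names and the "last two labels identify the operator" rule are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample NS records in zone-file form (not real delegations).
SAMPLE_NS_RECORDS = """
shop.example.    86400 IN NS ns1.dns-operator-a.example.
shop.example.    86400 IN NS ns2.dns-operator-a.example.
portal.example.  86400 IN NS ns1.portal.example.
portal.example.  86400 IN NS ns3.dns-operator-b.example.
media.example.   86400 IN NS ns1.dns-operator-a.example.
media.example.   86400 IN NS ns1.dns-operator-b.example.
"""

def operator_of(ns_host, zone):
    """Map a name server to its operator.

    Assumption: the last two labels identify the operator; a production
    audit would use the Public Suffix List instead.
    """
    host = ns_host.rstrip(".").lower()
    zone = zone.rstrip(".").lower()
    if host == zone or host.endswith("." + zone):
        return "in-house"  # name server lives inside the zone itself
    return ".".join(host.split(".")[-2:])

def parse_ns(text):
    """Collect NS targets per zone; blank lines and other record types are skipped."""
    zones = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 5 and fields[2].upper() == "IN" and fields[3].upper() == "NS":
            zones[fields[0].rstrip(".").lower()].add(fields[4])
    return zones

def audit(text):
    """Return {zone: (verdict, sorted operators)} for every zone in the input."""
    report = {}
    for zone, hosts in parse_ns(text).items():
        ops = {operator_of(h, zone) for h in hosts}
        if len(ops) == 1:
            verdict = "single point of failure"  # one operator, in-house or external
        elif "in-house" in ops:
            verdict = "hybrid"                   # in-house plus another operator
        else:
            verdict = "multi-operator"           # several external operators
        report[zone] = (verdict, sorted(ops))
    return report

if __name__ == "__main__":
    for zone, (verdict, ops) in sorted(audit(SAMPLE_NS_RECORDS).items()):
        print(f"{zone:18} {verdict:24} {', '.join(ops)}")
```

Grouping by hostname only approximates operator diversity: name servers under different domains can still sit on the same provider's network, so a "hybrid" verdict should be confirmed against where the servers are actually hosted.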

 

 

Because these criminal cyber attacks have only just begun and will undoubtedly continue to expand in scope, it is absolutely essential for each and every one of us, beginning with companies, to take the necessary steps to secure our web infrastructures as best we can against the various computer threats. Feel free to ask us for advice; that’s our job!