Threat Watch

Following DynDNS attacks, DNS Dependencies Have Only Gone Up

Four years ago, there was a Distributed Denial of Service (DDoS) attack on DynDNS, a DNS service provider for many major websites. Since then, researchers have analyzed the top 100,000 websites on the Internet to see how website operators reacted to the DDoS attack. Unfortunately, over 89.2% of the top 100,000 sites use a third-party DNS provider instead of managing their own DNS server, according to research reported by ZDNet. Additionally, over 84.8% of those sites do not have a backup DNS server, meaning a single DNS failure or attack could completely take the site down. Just four DNS service providers (Cloudflare, AWS, GoDaddy and DnsPod) are the lone critical providers for more than half of the sites in the Alexa Top 100 website list.

ANALYST NOTES

There is nothing wrong with using a third-party DNS service provider, and most providers will be highly reliable. Even so, it is a simple and wise precaution to set up a backup DNS provider for every business-critical domain name, in order to avoid downtime should the primary DNS provider go down. DNS is designed to support redundancy through multiple name servers with preference weighting, but setting it up requires planning for disaster contingencies. As the DynDNS attack demonstrated, a major outage of a DNS service provider must be considered as one of the contingencies to account for in disaster recovery planning.
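One way to check a domain inventory for the missing-backup condition described above, as an added example that is not from the article or the cited research: it groups each domain's NS targets by provider and flags domains whose name servers all sit with one provider. The hostname patterns, the `provider_of`, `audit_zone` and `report` helpers, and the sample zones are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Illustrative hostname patterns for the four providers named in the article.
# Assumption: these cover commonly seen name server names; extend for your estate.
PROVIDER_PATTERNS = [
    ("Cloudflare", re.compile(r"\.ns\.cloudflare\.com$")),
    ("AWS", re.compile(r"\.awsdns-\d+\.(com|net|org|co\.uk)$")),
    ("GoDaddy", re.compile(r"\.domaincontrol\.com$")),
    ("DnsPod", re.compile(r"\.dnspod\.net$")),
]

def provider_of(ns_host):
    """Map an NS hostname to a provider label.

    Unknown hosts fall back to their last two labels (a naive heuristic
    that ignores multi-label public suffixes).
    """
    host = ns_host.rstrip(".").lower()
    for name, pattern in PROVIDER_PATTERNS:
        if pattern.search(host):
            return name
    return ".".join(host.split(".")[-2:])

def audit_zone(ns_hosts):
    """Return (providers, single_point_of_failure) for one domain's NS set."""
    providers = defaultdict(list)
    for ns in ns_hosts:
        providers[provider_of(ns)].append(ns)
    return dict(providers), len(providers) < 2

# Constructed sample data (not real measurements): domain -> NS record targets.
SAMPLE_ZONES = {
    # Four different parent domains, but still a single provider.
    "shop.example": ["ns-101.awsdns-12.com.", "ns-1502.awsdns-59.org.",
                     "ns-2001.awsdns-58.co.uk.", "ns-700.awsdns-23.net."],
    "bank.example": ["ada.ns.cloudflare.com.", "ns1.backup-dns.example."],
    "blog.example": ["ns41.domaincontrol.com.", "ns42.domaincontrol.com."],
}

def report(zones):
    """List domains whose name servers all belong to one provider."""
    return sorted(d for d, ns in zones.items() if audit_zone(ns)[1])

if __name__ == "__main__":
    for domain in report(SAMPLE_ZONES):
        print(f"{domain}: all name servers at one provider, no backup")
```

Counting distinct NS hostnames or parent domains alone would miss the `shop.example` case, where four name servers under four different TLDs still depend on one provider.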

https://www.zdnet.com/article/four-years-after-the-dyn-ddos-attack-critical-dns-dependencies-have-only-gone-up/