HyperScale Data Centers Featured Article


How Enterprises Can Defend Against the Next DDoS Cyber Attack


November 04, 2016
By Special Guest
Cricket Liu, Chief DNS Architect at Infoblox -

I’m sure you’ve been following the news of the recent distributed denial of service (DDoS) attack against Dyn, a company that hosts DNS zones for many companies. The DDoS attack used the Mirai botnet, which consists of thousands of compromised “Internet of Things” devices, including IP cameras and digital video recorders. The DDoS attack sent enormous volumes of traffic—most of it not DNS—to Dyn’s name servers, overwhelming them and rendering them unable to respond to legitimate queries. The result was that many of Dyn’s customers were unreachable from the Internet, including high-profile companies such as Twitter, Amazon, Netflix and Reddit. Here’s what enterprises in the Middle East need to do to survive the next big cyber attack.

The Dyn attack is a wake-up call to the world – not just to DNS providers, but to all parties involved, including the DNS community, Internet of Things (IoT) device manufacturers, businesses and consumers. The sheer volume of traffic involved and the huge number of websites affected may make the Dyn attack seem overwhelming, but the truth is, by following some simple best practices, we can not only survive attacks like this, but also reduce their size and scope.

Get back to the basics: Three best practices

Image via Pixabay

Build in redundancy. Many companies rely on a single DNS provider like Dyn, leaving them vulnerable to attacks. Instead, businesses need to either deploy some on-premises appliances that can serve as external authoritative name servers – the servers that advertise their DNS data to the Internet – or bring in a second DNS provider. This is no different from ensuring that your company has redundant connections to the Internet. If one set of name servers goes down or is attacked, companies will still have name servers available. Making the external DNS infrastructure more heterogeneous ensures that companies are not putting all of their eggs in one basket.

Mix it up, manufacturers. IoT devices are here to stay, from cameras to thermostats to fitness trackers. And traffic from IoT devices will continue to grow. But many IoT devices are inherently insecure from the get-go. Why? Many manufacturers sell these devices with the same default administrator password, which consumers rarely change. Or even if they want to change it, sometimes they can’t figure out how to do it. Either way, attackers have access to a vast network of devices from which to launch DDoS attacks. Simply put, IoT devices cannot be sold to consumers without some basic security measures, starting with unique, randomly generated passwords for each device.

Lock it down, consumers. In general, we have a terrible track record when it comes to protecting our information with passwords. The majority of passwords consumers use are easily guessable. We have to try harder. The same goes with Internet-connected devices. Consumers must be savvier about changing the default passwords on everything including cameras, DVRs, routers and printers. And, device manufacturers, in addition to providing each device with a unique preset password, must prompt consumers to create more sophisticated passwords and make it more intuitive for people to be able to do it. Finally, an attack should be a reminder to consumers to check the security of their devices: to make sure passwords aren’t easily guessable, and that devices have been upgraded recently to versions of code without known vulnerabilities.

Take action now

Gartner projects there will be 26 billion IoT devices installed by 2020. That’s more than three devices for every person on the planet. A survey Infoblox conducted of 400 IT executives revealed that although 75 percent of businesses already have Internet-connected equipment on their networks, 35 percent say they’re not ready to support IoT yet. Even more eye-opening is that we found that nearly 60 percent of IT professionals say they’re not doing anything to prepare for the impact of IoT. Do we really want to be ruled by toaster and refrigerator overlords? The IoT threat isn’t even the future – it’s already happening, as demonstrated by the Dyn attack. Implementing best practices for IoT device security must be a top priority for all of us. 

About the Author

Cricket Liu is one of the world’s leading experts on the Domain Name System (DNS), and serves as the liaison between Infoblox and the DNS community. Before joining Infoblox, he founded an Internet consulting and training company, Acme Byte & Wire, after running the hp.com domain at Hewlett-Packard. Cricket is a prolific speaker and author, having written a number of books including “DNS and BIND,” one of the most widely used references in the field, now in its fifth edition. He is the owner/inventor of 10 DNS/IP address management patents within the U.S.




Edited by Alicia Young

Article comments powered by Disqus







Click here to share your opinion - What is the "next big thing" to software define in your enterprise or data center?






Featured Blog Entries

Day 4, Cisco Live! 2017 - The Wrap

Day 4 was the final day of our first ever Cisco Live! We had a great show, with many great conversations and new connections with existing and potential end users, resellers, partners and job hunters.

Day 3, Cisco Live! 2017

Day 3 of Cisco Live is history! For Fiber Mountain, we continued to enjoy visits from decision makers and influencers who were eager to share their data center and structured cabling challenges.

Day 2, Cisco Live! 2017

Tuesday was Day 2 of Cisco Live for Fiber Mountain and we continued to experience high levels of traffic, with many high value decision makers and influencers visiting our booth. One very interesting difference from most conferences I attend is that there are no titles on anyone's show badges. This allows open conversations without people being pretentious. I think this is a very good idea.

Day 1, Cisco Live! 2017

Fiber Mountain is exhibiting at Cisco Live! In Las Vegas for the first time ever! Our first day was hugely successful from just about any perspective - from quantity and quality of booth visitors to successful meetings with customers.

Industry News