Two weeks ago, parts of the Internet came to a halt due to a DDoS attack. DDoS attacks have become pretty common these last few years, but usually target a specific website. For instance, attackers might target microsoft.com and start firing enormous amounts of requests to it. Due to the load, the website will eventually choke and stop responding to both the malicious as to normal requests, with the result that the website is “down”.
There were two things that made this DDoS attack a bit different:
- This attack was not targeting a website or webservers, but instead DNS servers. DNS is used for address resolution, which comes down to translating a normal URL (like www.repsaj.nl) to an IP address. By targeting DNS servers, the attackers managed to bring down lots of sites at once, with your PC left unable to find the correct IP address for the website you requested. So in this case, the webservers were fine but the clients didn’t have a way to reach them.
- The attack was largely carried out using IoT devices. This included IP-connected webcams for instance, which many people have at home.
This uncovers a large security issue with lots of IoT devices, which could have been easily prevented (or at least a lot better secured) using a back-end like Azure. Let’s find out how… Read More