Experts have often warned that open domain name system (DNS) resolvers are being abused by cybercriminals to intensify their distributed denial-of-service attacks. On Wednesday, the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) has released an alert on this topic.The organization – which is an integral part of higher education's strategy to improve network security – advises the higher education and research community to make sure their DNS configurations don’t allow cybercriminals to abuse them for DDOS attacks.
“Although attacks exploiting the network and DNS configuration weaknesses have been around for a long time, the frequency and impact of attacks have grown over the past year,” the alert reads.
“These attacks may exploit thousands of institutional DNS servers to create an avalanche of network traffic aimed at a third-party victim. The traffic sourced by any single institutional system may be small enough to go unnoticed at the institution; however, the aggregate experienced at the target can be crippling.”
The complete alert, which also includes technical details on how to address these issues, is available here.