Massive DDoS Hits DNS Services Provider

Over the weekend DNS Made Easy, a provider of enterprise DNS and IP Anycast services, was the target of a massive Distributed Denial of Service (DDoS) attack, which peaked at over 50 Gbps. The unusually powerful attack led to an aggregated downtime of around 90 minutes.

The attack occurred on Saturday and according to Twitter updates from the company lasted for about eight hours. Apparently the DDoS originated in China, but it's not sure if the identity of the attackers is known despite a tweet from the company reading "Found the domain, found the attackers."

What's clear is that whoever was behind took a shot at DNS Made Easy's biggest selling point – it's uptime. "DNS Made Easy is the only IP anycast provider to have over 8 years of 100% uptime. With a 99.9999% uptime history we have proven ourselves to be a DNS network unmatched in the industry. We gaurantee 100% uptime with our industry leading 500% SLA credit," the company boasts on its website.

That probably doesn't still hold true, even though not all company's network nodes were down at the same time during this attack and the total aggregated downtime was under 1.5 hours. "First problem we have had that we could not fix in over 9 years," the provider said.

What's most intriguing is the power of the attack, which at some point is said to have peaked at over 50 Gbps and was able to cause problems for Tier1 routers. Tier1 networks represent the interconnected center of the Internet. According to Arbor Networks’ latest Worldwide Infrastructure Security Report (fifth edition), the largest DDoS attack was registered in 2008 and peaked at 49 Gbps.

DNS Made Easy received assistance from various uplink providers including Level3, GlobalCrossing, Tinet, Tata, and Deutsche Telekom and there were reportedly over 50 senior network admins from these companies looking into the issue and trying to identify the AS (autonomous system) networks from where the offending traffic was originating.

"All monitoring locations are green today. Speeds are back at industry leading response times," the company reported yesterday. "[…] Much more details will be provided to all of our users in the day(s) ahead," it added.

You can follow the editor on Twitter @lconstantin