DNS-based DDoS amplification attacks have increased significantly in recent months, targeting vulnerable home routers worldwide, according to Nominum.
In new research, the company found that a simple attack can create tens of Gbps of traffic to disrupt provider networks, enterprises, websites, and individuals anywhere in the world.
Traffic from amplification amounts to trillions of bytes a day, disrupting ISP (internet service provider) networks, websites and individuals.
The study revealed that more than 24 million home routers on the internet have open DNS proxies which expose ISPs to DNS-based DDoS attacks.
Results show that in February, more than 5.3 million of these routers were used to generate attack traffic.
During an attack in January 2014, more than 70% of total DNS traffic on a provider’s network was associated with DNS amplification.
DNS is by far the most popular protocol for launching amplification attacks, with more available amplifiers than the next four protocols combined.
The impact on ISPs (relating to network, cost, revenue and operation) is that available bandwidth is saturated, the number of support calls spikes, churn or retention expenses rise, and unwanted traffic is directed toward peers.