In Oct of 2016 a large Distributed Denial of Service (DDoS) attack against DYN DNS, brought down networks such as Twitter, Amazon, Paypal, CNN, Reddit and other big names. Dyn, is a company that controls a good chunk of the internet’s domain name system (DNS) infrastructure. This was Dyn's comment...
Starting at approximately 7:00 am ET, Dyn began experiencing a DDoS attack. While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different (more on that later). Approximately two hours later, the NOC team was able to mitigate the attack and restore service to customers. Unfortunately, during that time, internet users directed to Dyn servers on the East Coast of the US were unable to reach some of our customers’ sites, including some of the marquee brands of the internet.
- Kyle York
- Chief Strategy Officer (DYN DNS)
Dyn disclosed that, according to business risk intelligence firm FlashPoint and Akamai Technologies, the attack was a botnet coordinated through a large number of Internet of Things-enabled (IoT) devices, including cameras, residential gateways, and baby monitors, that had been infected with Mirai malware.
So how exactly do you minimize the chance of hackers taking down your network, and disrupting your business?
There is no real 100% guarantee, but there are some steps you can take to minimize the chance of a DDoS attack. Here they are...
- Host your DNS with the top tier DNS providers such as DNSMadeEasy / ClouldFlare / Route53 (Amazon) or all 3.
- Host your email with a large clould provider such as G Suite (formerly Google Apps for Business) or Office 365 (Microsoft) if you prefer the Windows route.
- Host your Website on two different clould hosting providers or networks and setup a failover system such as DNSMadeEasy website failover service which guarantee's 100% uptime.
How This Works
The first thing Hackers look for is the weakest link. If you are hosting your DNS yourself or if it is hosted on two small DNS servers, your DNS can be brought down quite easily. All a hacker has to do is take down those two servers and your website(s), network and email will not work. If you host with top tier DNS providers as the one's mentioned above, they all have big pipes and numerous servers to handle the requests of a large DDOS attack. Some of the smaller DNS providers do not have the robustness of the top three. If you are really paranoid, you could host two DNS servers on each of the top three DNS Providers for your domain.
- ns1 - hosted on DNSMadeEasy
- ns2 - hosted on DNSMadeEasy
- ns3 - hosted on CloudFlare
- ns4 - hosted on CloudFlare
- ns5 - hosted on Route53 (Amazon)
- ns6 - hosted on Route53 (Amazon)
The guy's over at SolveDNS will show you the rankings of the top DNS providers
Secondly, if you host your email with either Google or Microsoft, any attacks on their networks will have to be handled by them. You can rest assured that Google and or Microsoft want to keep their networks running so they will be on it right away. That is why we at Clustered Networks do not recommend hosting your own email servers or placing them with a small hosting company.
Thirdly, your webservers. By hosting your Website on multiple cloud networks, your site is not in any one place. If there is an attack on your "cloud hosting provider number 1", the DNS service such as DNSMadeEasy failover service can flip your DNS to point your DNS reords to the "cloud hosting provider number 2" network. Hosting your website on two servers is very inexpensive and can be setup with a simple rsync script to mirror the websites daily. Essentially Clustering your Cloud Services to multiple networks rather than just one provider.