In the two years since Dyn went dark, what have we learned? Not much, it appears

DNS infrastructures still vulnerable to attacks

The majority (72 per cent) of FTSE 100 firms are vulnerable to DNS attacks, nearly two years after the major Dyn outage.

head of 50s-style robot

Today the web was broken by countless hacked devices – your 60-second summary

READ MORE

A similar three in five of the top 50 companies listed in the Fortune 500 are also ill-prepared for an attack similar to the Mirai botnet-powered assault against Dyn that left much of the web unreachable in late October 2016. A large minority (44 per cent) of the top 25 SaaS providers are also vulnerable, according to stats from a DNS Infrastructure Performance Report by security firm ThousandEyes published Wednesday.

DNS acts like a phone book for the internet, translating domain names that humans understand, such as Google.com, to internet addresses that computers and network routing equipment can process.

Cricket Liu, chief DNS architect and senior fellow at Infoblox, told El Reg that he didn't think "there was much evidence" DNS security had improved in the two years since the Dyn attack. "It hasn't gotten any easier to use multiple authoritative DNS providers, for example (say Dyn plus Verisign or Neustar). Being able to use multiple providers would make a big difference," he said.

ThousandEyes DNS best practices are not widespread in major enterprises and SaaS providers, leaving many organisations vulnerable as a result.

Cloudflare, Google and OpenDNS rated as the top public DNS performers in ThousandEyes' study. Top providers varied by region and country. In the UK, Level 3 had the best performance, followed by Google and OpenDNS while Google was the top dog in the US.

ThousandEyes found that DNS performance was highly variable among different public resolver providers and managed providers across various regions and countries. Countries known to interfere with the "free and open" running of the internet (e.g. China and Russia) create "DNS performance variations", according to ThousandEyes.

DNS selection affects how a company's application or service performs so organisations need to ensure they are building on a firm foundation.

ThousandEyes' report is based on data collected over 30 days — between 19 August and 19 September 2018 — which resulted in more than 15 million data points. The state of DNS resilience among major enterprises and SaaS providers was also collected.

More details on the study and its methodology can be found here. ®




Biting the hand that feeds IT © 1998–2018