Skip to main content

Suspected botnet tried to break the Internet by attacking root DNS servers

china cyber attack
hamburg berlin/Shutterstock
Someone tried to break the Internet last week by DDoSing the root DNS servers. Fortunately, It didn’t work.

For two and a half hours on November 30 a barrage of requests — five million queries every second — hit most of the Internet’s 13 root DNS servers. Another attack lasted an hour the next day. A sophisticated botnet is the likely source, but no one is sure what motivated the attack.

Recommended Videos

In any case, safeguards in place meant the Internet did not go down on November 30, or December 1st. Most people didn’t even notice the attack.

Please enable Javascript to view this content

“My takeaway is that the event pretty much ‘didn’t happen’ for the ordinary user,” professor Randal Vaughn of Baylor University told Ars Technica. “They either failed to observe it or just didn’t associate any connectivity issues with an ongoing attack.”

Part of the reason for this is the robustness of the root DNS servers: they’re designed to stand up to a lot of traffic, so even attacks like this don’t amount to much. More importantly, most Internet users don’t make requests of the root DNS servers, instead using the DNS servers provided by an ISP or third party services like Google or OpenDNS.

“The DNS root name server system functioned as designed, demonstrating overall robustness in the face of large-scale traffic floods observed at numerous DNS root name servers,” said a report on the attack.

Still, the attack was unique. Geographically scattered computers sent billions of seemingly valid queries for a single domain name, then repeated the process for another domain the next day. The volume of traffic means someone has access to massive amounts of computing power, and even if it wasn’t nearly enough to cause any actual problems, it’s still troubling. The same power, directed at any other target, would’ve been far more successful at achieving its goal.

Justin Pot
Former Digital Trends Contributor
Justin's always had a passion for trying out new software, asking questions, and explaining things – tech journalism is the…
Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more
Cloudflare reports a massive 175% increase in DDoS attacks
Person using laptop with security graphics in front.

Cloudflare, a web infrastructure and security company, has just released a report titled "DDoS Attack Trends for Q4 2021." According to Cloudflare, 2021 has been a particularly bad year in terms of DDoS attacks.

Ransom distributed denial of service (DDoS) attacks increased by over 175 percent quarter over quarter, highlighting the large scale of the problem described by Cloudflare.

Read more
What is a DNS server? Here’s how the Internet serves up your favorites
uk prime minister david cameron announces deal germany develop 5g internet the

Each time you open a browser and type in a web address, there's a hidden hand sending all the information to your PC to render the page as it should. Those middle-men of your newly loaded webpage are the internet's DNS servers.

But what is a DNS server exactly? To help explain, we'll walk you through the process of retrieving a web page and cover the many types of DNS servers residing between you and your favorite sites and services. We'll also show you how to change DNS settings to get the fastest, safest web browsing experience possible.
What is DNS?
DNS is short for Domain Name System. Created in 1983 at the University of Wisconsin, it’s an expanding global directory for the Internet that replaces numeric addresses with alphabetic addresses. Rather than “dial” a string of numbers in a browser to contact Google, just type its name instead. Alphabetic addresses are simply easier to remember, even more so given there are more than 1.7 billion websites on the Internet today.

Read more