Internet service providers in Thailand are being urged to implement preventive and protective measures to thwart or mitigate the impact of increasing domain name system (DNS) amplification attacks, says a global computer security firm.
DNS amplification attacks are a type of powerful distributed denial-of-service (DDoS) reflection attack that have a history dating back to the "Smurf" attack in 1997. Today's DNS amplification attacks are even stronger, slowing down internet access and causing significant damage to the intended target.
An amplification attack can create and send a target trillions of bytes of internet traffic.
DDoS attacks are becoming more sophisticated and complex with the increase in the skills of attackers and they have become a favoured weapon of cybercriminals to temporarily suspend or crash the services of a host connected to the internet. Nearly every big site has been the victim of such an attack.
"Up to 1 million vulnerable home routers were found in Thailand last year, the highest level in Southeast Asia," said Bruce Van Nice, an internet security expert and product director of Nominum, a US company.
Mr Van Nice said there are more than 11 million home gateways with open DNS proxies in Asia, representing up to 48% of the total globally. Southeast Asia has the highest concentration of vulnerable routers.
Globally, more than 24 million home routers are vulnerable to DNS-based DDos attacks, he added. DNS amplification attacks in January made up almost three-quarters of all attacks, according to Nominum.
These attacks generate significant collateral damage en route to their target due to their extreme bandwidth consumption on ISP networks.
Mr Van Nice suggested ISPs upgrade their DNS servers to be smarter by screening malicious traffic while preserving legitimate traffic.
They also need to build domains with dynamic threat lists that are capable of reacting to changes in the system's assets and vulnerabilities with updated action item lists that reflect the changes in threat realities.
Nominum is introducing the Vantio ThreatAvert security solution, enabling users including ISPs to protect their networks from inside threats.