Leading DNS Provider NS1 Targeted with DDoS Attacks

NS1 has been providing DNS services to Imgur, Yelp, Max CDN, OpenX, Collective and imgIX!

NS1, one of the leading DNS providers in the world have revealed that their servers have been facing massive distributed denial of service (DDoS) attacks for last two weeks. That’s not all, the attackers also targeted NS1’s partners by shutting down their websites. Though the customers were partially affected by these attacks it is still unclear who the attackers were or what were their motives.

According to a blog post by NS1’s CEO Kris Deevers on May 16th, company’s Managed DNS network came under a series of DDoS attacks above 20-30 Gbps, with most above 10-20M packets/sec (pps). Mr. Deevers is positive that the attack was not on the customers but on NS1 infrastructure as attackers also DDoSed the hosting provider of ns1.com website.

“Unless a group ultimately steps forward and claims responsibility for a DDoS attack, it can be difficult or impossible to ever ascertain the underlying motivation or the responsible party. Attacks can be motivated by any number of things, ranging from political intentions to business motivations to outright malice. We will not speculate further. However, we have contacted the appropriate law enforcement authorities and are working with them to investigate,” said Beevers.

The targeted services also include NS1’s customer command-and-control systems, the official website (ns1.com) and system status report domain (StatusPage.io).

Since last two years, there has been an increase in DDoS attacks yet it’s hard to track the culprits, however, protection from such attacks is a necessity. In Feb 2016, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) signed a contract with Galois to protect its cyber infrastructure against both small and large scale cyber attacks.

For now, NS1 has successfully pulled off the attack traffic. Beevers refrained from going into more details but the attack leaves several questions on the future of online business constantly under the threat of DDoS attacks.

Well, this has been an un-fun 24h. Proud of our team's creativity, scrappiness, endurance. We'll come out stronger than ever. <3 @nsoneinc

— Kris Beevers (@beevek) May 17, 2016

Usually, cyber criminals target businesses either for fun or to get some bucks. The recent attacks have shown an increase in DDoS attacks leading to ransom. The ProtonMail DDoS attack incident is a good example where attackers demanded the encrypted email service provider to pay $6000 as ransom but even after paying the criminals didn’t stop targeting the firm’s servers. However in the case of NS1, there’s been no demands for ransom at least not yet.