DNS attack downs Internet in parts of China

Information requests from a hugely popular video application flooded China's telecom networks

An attack on the servers of a domain registrar in China caused an online video application to cripple Internet access in parts of the country late on Wednesday.

Internet access was affected in five northern and coastal provinces after the DNS (domain name system) attack, which targeted just one company but caused unanswered information requests to flood China's telecommunications networks, China's IT ministry said in a statement on its Web site.

The DNS is what computers use to find each other on the Internet.

The incident revealed holes in China's DNS that are "very strange" for such a big country, said Konstantin Sapronov, head of Kaspersky's Virus Lab in China.

The problems started when registrar DNSPod's DNS servers were targeted with a DDOS (distributed denial of service) attack, described by the company in an online statement.

In such an attack, the attacker orders a legion of compromised computers to try to communicate with a server all at once, which overwhelms the server and crushes its ability to return requests for information.

Telecom network operators blocked access to the IP (Internet Protocol) address of the registrar, concerned that its beleaguered servers were draining resources from the machine rooms they occupied, the registrar said.

Web sites served by the registrar's servers, including one that offers an extremely popular online video playing application, became inaccessible.

The story might have ended there. But as some massive number of users tried to boot up the video application, called Baofeng, their unanswered DNS requests were apparently passed on to higher-level servers that didn't know how to process them.

The requests piled up, and the resulting traffic jam slowed or halted Internet access across affected provincial networks. DNSPod was told that even Baidu, China's top search engine, became inaccessible in one province, it said in a message on Twitter.

Internet access returned to normal in the late night several hours later, according to the government statement.

China had almost 300 million Internet users at the end of last year, according to the country's domain registry agency, and streaming online video is as popular among young people as it is in Western countries.

The event, the first of its kind in China, suggests the country needs to improve its rules managing the DNS, said Zhao Wei, CEO of Knownsec, a Beijing security firm.

The original attack transformed into a regional DNS jam essentially because Baofeng is so popular, said Zhao.

Such programs may need smarter code, which could instruct them to withdraw DNS requests that go unanswered, he said. The way unanswered requests are redirected to higher-level servers could also be changed, Zhao said.

Guarding servers against DDOS attacks remains difficult. DNS service providers need reliable, secure servers and emergency plans in case they fail, said Zhao.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Owen Fletcher

IDG News Service
Topics: cyber attacks, ddos, China, DNS, internet
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?