7 DNS Security Threats That Can Leave Your System in Ruins

DNS, by virtue of its simplistic design, is open to breach. Businesses have continuously faced threats and attacks by hackers trying to steal data or corrupt their servers. To keep your organization safe, www.bluecatnetworks.com offers a variety of services to manage, secure and protect your DNS from third-party attacks like the following.

Kaminsky Bug


Discovered by researcher Dan Kaminsky in 2008, the Kaminsky bug was a serious weakness in the DNS system that could poison the caches provided by ISPs by compromising the root servers. In one of the rare instances of prevention before attack, the flaw was detected before it could be exploited on a large scale, and Kaminsky and his team were successful in plugging it.

Widespread DDoS

DDoS, or Distributed Denial of Service, attacks are particularly efficient at scrambling DNS tables and denying service to users. On October 21, 2002, hackers attacked and compromised 9 of the 13 DNS root servers in an attack of unprecedented scale. Added security failed when an even larger attack successfully disrupted services in February 2007.



Conficker

Conficker was a worm that targeted vulnerable Windows devices and generated tens of thousands of domains in order to replicate itself and distribute its command and control centers. It was finally brought to heel by an organized effort by Microsoft, ICANN, law enforcement and other agencies.

Hijack of ICANN’s domains


The global repository for domain names was attacked by a team of hackers going by the name NetDevilz. On visiting icann.org, users were greeted by a message from the attackers. Though the change was reset within 20 minutes, erroneous information had already been propagated through the channels and users continued to see the message for 48 hours.

Security Firm Bankrupted by DDoS


Israeli-American startup Blue Security was the victim of a concentrated DDoS attack by spam networks after its controversial anti-spam software Blue Frog tried to give the spammers a bit of their own medicine. Realizing it was being attacked, the security firm redirected its DNS records to its corporate blog hosted by Six Apart, which, in turn, suffered major losses due to the volume of the attack. Two weeks later, Blue Security was out of business.

Massive Cyber Attack takes down multiple sites

Proving that even all this added security is not enough, a massive cyberattack took down multiple websites like Netflix, Twitter, Etsy, Github, Vox, Spotify and Reddit in October 2016. A tweet by WikiLeaks implied that the attack was organized in protest against the manhunt for WikiLeaks founder Julian Assange.

