Skip to content

Security Researchers Reveal Majority of Nasdaq 100 Companies Continue to be Susceptible to DNS DDoS Attacks

Boston, MA | March 5, 2018

Today marks 500 days since the devastating cyberattacks against the DNS provider Dyn, that caused widespread outages across the Internet impacting many popular destinations including Netflix, Amazon, Reddit and Twitter. The broad impact of the attack was so significant that it resulted in a formal response from the White House, and an investigation by the US Department of Homeland Security. The attack served as a wake-up call to many organizations highlighting the susceptibility of even large enterprises to DDoS attack. However, as a recent NimbusDDOS study has found, a significant portion of large enterprises continue to operate with configurations that leave them vulnerable to a repeat of that attack.

The NimbusDDOS study investigated the DNS configurations for websites associated with the Nasdaq 100 companies and the Alexa US-50 to identify those that might still be susceptible to a similar cyberattack. Highlights from that study include:
  • 9% of Nasdaq 100 businesses use a configuration consistent with best practices for redundancy and vendor diversity
  • 38% of Alexa 50-US sites use a configuration consistent with best practices for redundancy and vendor diversity

  • 32% of Nasdaq 100 businesses have configurations similar to those impacted during the 2016 Dyn attack
  • 38% of Alexa US-50 sites have configurations similar to those impacted during the 2016 Dyn attack

  • 19% of Nasdaq 100 businesses utilize a high-risk configuration susceptible to smaller DDoS attacks
  • 4% of Alexa US-50 sites utilize a high-risk configuration susceptible to smaller DDoS attacks

  • 3 of the Nasdaq 100 businesses had significant configuration errors that cause delays in normal day-to-day operation without an attack

Andrew Shoemaker, Founder and CEO, of NimbusDDOS said: "DNS is fundamental in nearly all communication across the Internet, and the attacks on Dyn proved that even large organizations can be impacted by a DDoS attack. In the wake of those attacks many organizations implemented additional safeguards to protect their business, but as our study showed, the issues identified that day are still very prevalent today."

Alex Johnson, Vice President of Sales, at NimbusDDOS added: "This study is a great example of how risk areas, even to known threats, can be easily overlooked. Even the best internal security teams recognize that having an outsider's perspective to examine and test their systems is critical to staying ahead of the next attack."

Full Report: https://www.nimbusddos.com/whitepaper-post-dyn-attack-analysis-20180305.htm

About NimbusDDOS: NimbusDDOS is the industry leader in vendor neutral DDoS attack preparedness services. Our vision is to provide the highest level of DDoS expertise to help our customers achieve the level of DDoS preparedness that their business demands. The foundation of our solutions are the expertise of our DDoS engineers, which is paired with a proprietary cloud platform that allows NimbusDDOS to perform legal DDoS attack simulations identical to those used by real-world attackers. To learn how NimbusDDOS solutions and experts are helping businesses proactively address the DDoS attack threat, please visit www.nimbusddos.com

More Information: 800.674.DDOS