FBI Outlines Technique Behind DDoS Attacks on US Voter Registration Website
Hackers who unleashed DDoS attacks (Distributed Denial of Service) attacks on a state-level voter registration and voter information website in the US used a technique called Pseudo Random Subdomain Attack (PRSD,) which is a form of attack that uses DNS queries for nonexistent and randomized subdomains, according to the FBI.
“The FBI received reporting indicating a state-level voter registration and voter information website received anomalous Domain Name System (DNS) server requests consistent with a Pseudo Random Subdomain (PRSD) attack,” notes a Private Industry Notification sent by the FBI and published by BleepingComputer.
“The requests occurred over the course of at least one month in intervals of approximately two hours, with request frequency- peaking around 200,000 DNS requests during a period of time when less than 15,000 requests were typical for the targeted website.”
PRSD attacks can be dangerous if the DNS servers lack the tools to deal with such incidents. Fortunately, that wasn”t the case. The FBI said the DNS servers had rate-limiting algorithms in place, which help to filter incoming and outgoing traffic.
These types of DDoS attacks are used because it makes it easier to obfuscate the source, as the queries can be routed through open proxies and botnets. On the other hand, it”s not that difficult to prepare for such an eventuality.
The FBI advises institutions and companies to have an incident response plan, including a DDoS mitigation strategy, to keep all endpoints, hardware, and software up to date, and to closely maintain a timeline for the attacks. Of course, organizations in the United States are advised to contact the FBI in case of a DDoS attack.
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022