Washington: Companies can reduce the risk from the type of cyber attack that took out major websites last week by using multiple vendors for the critical internet service known as a domain name service, or DNS, companies and security experts said.
“We have advocated for years for redundancy in your infrastructure,” said Kyle York, chief strategy officer for Dyn, the New Hampshire DNS provider that was attacked on Friday. “I don’t think you can ever be safe enough or redundant enough.”
York said clients who used multiple servers “saw less of an impact”. Using multiple DNS providers can, however, make managing traffic more complicated and costly, experts said.
“It’s important to implement diversity geographically, as well as architecturally,” for a defence against domain name service attacks, said Andy Ellis, chief security officer at Akamai Technologies, which helped Dyn recover last Friday.
Businesses can choose up to eight authoritative domain service providers, and some of the hardest-hit sites were customers who only picked Dyn.
“This is the new norm, the internet wasn’t designed with these kinds of attacks in mind,” said cyber security expert and entrepreneur Barrett Lyon.
Long-term solutions would likely require governments to take far more responsibility for mandating internet security, experts agreed.
Chinese electronics component manufacturer Hangzhou Xiongmai Technology said on Sunday that weak default passwords on its products inadvertently played a role in the cyber attack, according to a report from IDG News Service.
