Mystery Surrounds DDoS Attacks On Janet/DNS Servers

Distributed denial of service (DDoS) attacks are hitting the academic computer network known as Janet in “targeted and sustained set of attacks,” said the network’s operator Jisc.

That attack comes after it emerged that last week the core DNS servers of the Internet were also targeted in a DDoS attack.

Earlier this week Akamai warned that the frequency of distributed denial of service (DDoS) attacks continued to rise, and the United Kingdom is now the leading originator of DDoS attacks

Janet Attack

“We have been experiencing a targeted and sustained set of attacks on the Janet network,” said Jisc on its Facebook page. Jisc is a publicly funded body that provides computer network services to higher education and research bodies.

“These are distributed denial of service (DDoS) attacks that have resulted in reduced connectivity and disruption for all Janet customers,” it said.

The attacks have reportedly left university students across the UK unable to submit work.

“Various blocks and filtering are being put in place to limit the impact of the disruption, but the details of each attack are subject to change,” said Jisc. It also said that it website had been affected.

“We understand the importance of connectivity to colleges, universities and other public sector organisations,” said Tim Kidd, executive director, Jisc. “We are doing everything in our power to ensure normal service in resumed as soon as possible, and in the meantime to minimise any disruption that users of the Janet network may be experiencing. We apologise for any inconvenience caused.”

DNS Attack

Meanwhile it has also emerged that the root DNS servers of the Internet have also suffered a similar concerted DDoS attack that according to one report, knocked a number of the critical pillars of the internet offline for several hours.

“On November 30, 2015 and December 1, 2015, over two separate intervals, several of the Internet Domain Name System’s root name servers received a high rate of queries,” said an analysis of that attack.

“The observed traffic volume due to this event was up to approximately 5 million queries per second, per DNS root name server letter receiving the traffic,” said the analysis. “The incident traffic saturated network connections near some DNS root name server instances. This resulted in timeouts for valid, normal queries to some DNS root name servers from some locations.”

The analysis said it was difficult to identify who was behind the attack as the “source addresses of these particular queries appear to be randomised and distributed throughout the IPv4 address space.”

Are you a security pro? Try our quiz!