The FBI recently discovered a potential Distributed Denial of Service (DDoS) attack that targeted state-level voter registration and information site, according to the federal body’s Private Industry Notification (PIN) obtained by Bleeping Computer.
It’s said that the voter registration and voter information websites received anomalous Domain Name System (DNS) server requests with a Pseudo-Random Subdomain (PRSD) attack. The PIN stated that the requests occurred for one month in intervals of approximately two hours with request frequency of around 200,000 DNS requests during the period of the attack.
“PRSD attacks are a type of DDoS attack used by threat actors to disrupt DNS record lookups by flooding a DNS server with large amounts of DNS queries against non-existing subdomains,” the FBI explained.
Apart from disclosing potential targets, the FBI also provided precautionary measures to mitigate DDoS attacks which include:
- Implementing an incident response plan, including a DDoS mitigation strategy, and practicing the plan prior to an actual incident
- If the incident response plan involves external organizations, ensure the appropriate contacts with the external organizations are established prior to an incident
- Enabling automated patches for operating systems, web browsers, and software
- Maintaining a timeline of attacks while recording all relevant details
“The DDoS attack market is changing. New DDoS services appear to have replaced ones shut down by law enforcement agencies. As organizations implement basic countermeasures, attackers target them with long-lasting attacks. It is difficult to say if the number of attacks will continue to grow, but their complexity is showing no signs of slowing down. We recommend that organizations prepare themselves effectively, in order to withstand sophisticated DDoS attacks,” suggested an earlier report.