.CN Domain Service Restored from Large DDoS Attack

After a large DDoS attack, China’s .CN domain service was restored Sunday morning. This DDoS attack has affected about one-third of the websites registered to .CN domain, reported by Threatpost.

This year, there are a series of massive DDoS attacks which are mainly aimed at banks and other financial institutions in U.S. And this incident is just the latest one of them.

A recent Arbor Networks report pointed that in the first half of 2013, nearly half the DDoS attacks are larger than 1Gbps, increasing from 13.5% in 2012.

This DDoS attack was the biggest one China has ever met and it triggered outage, said in a statement of the China Internet Network Information Center. The organization also made an apology to its users for the unavailability of the Internet. And the DNS security specific contingency plans are currently in readiness.

Till now, the origin of the attack has not been identified yet. Starting from about 4 a.m. UTC, the attack only got worse two hours later, criticized by the CINIC.

Quoted from web security provider CloudFlare, the Wall Street Journal reported that the attack aimed at a .CN registry. During the peak of the attack, traffic to websites with .CN domains slumped significantly by more than 30% over the previous 24 hours.

Matthew Prince, CEO of CloudFlare, told Threatpost that the attacker may has found a bottleneck in the registry infrastructure and then overwhelmed it with traffic to make the service unavailable. Prince also told that before being mitigated, the DDoS attacks lasted up to 4 hours.

Director of research Dan Holden of Arbor Networks said that their research team also monitored the attacks and saw a 400% increase over average traffic.

Last month, Network Solutions have been facing more access problems, following DDoS attacks against Network Solutions’ servers.