Millions of broadband customers across the UK could be open to DNS-based Distributed Denial of Service (DDoS) attacks, as a result of not upgrading their hardware or updating their security.
A study carried out by analyst Nominum suggests that 24 million home broadband routers could be exposing both users and broadband providers to potentially participating in the attacks, which work by overloading a target server such as a website with huge numbers of data requests from multiple internet connected computers.
These are usually computers infected with Trojans or viruses that then become part of a botnet, but cybercriminals have recently begun targeting home broadband routers, particularly older ones that are in need of upgrading, or which have insufficient security.
Due to the way in which hackers operate, it is possible to exploit routers without even hacking them, by imitating their target's IP address and receiving data from vulnerable devices, explained Sanjay Kapoor, Nominum’s CMO and SVP of Strategy.
He explained: "Existing in-place DDoS defenses do not work against today’s amplification attacks, which can be launched by any criminal who wants to achieve maximum damage with minimum effort. Even if ISPs employ best practices to protect their networks, they can still become victims, thanks to the inherent vulnerability in open DNS proxies."
As such, broadband providers need more effective protections built-in to DNS servers, claims Mr Kapoor, who pointed out that modern DNS servers can precisely target attack traffic without any impact on legitimate DNS traffic.
It comes as a report published by the Guardian indicated that 800,000 home routers belonging to UK customers such as BT and Virgin Media could be vulnerable to such an attack, though this figure is far lower than Nominum's estimations.
In February alone, the analyst calculated that 5.3 million routers were used to generate attack traffic - a figure it expects to continue increasing as older hardware is exploited.