US healthcare sector facing DNS NXDOMAIN flood DDoS attacks

Healthcare organizations across the U.S. have been warned by the Department of Health and Human Services Health Sector Cybersecurity Coordination Center regarding ongoing DNS NXDOMAIN flood distributed denial-of-service attacks against the industry, reports HealthITSecurity. Attackers engaging in DNS NXDOMAIN flood DDoS attacks have been looking to push large request volumes to the Domain Name System server to prevent website or service access for authorized users, according to the HC3. "Additionally, legitimate clients trying to access the website will increase the load even further. In most cases, the DNS proxy server and the DNS authoritative server will use all their time handling those bad requests. When successful, the outcome of these attacks can result in higher utilization of resources on the server, and the cache will be filled up with NXDOMAIN replies," the HC3 said. Healthcare organizations have been urged to be more cautious in IP blocking in order to curb access restrictions for legitimate users.