Julianna
Most Canadian Businesses Aren’t Sufficiently Prepared to Prevent Downtime or DDoS Attacks
The DNS is like the unsung hero of the Internet. It’s the magic that makes the Internet logical and navigable for its human users. When it’s working as expected, most of us take it for granted… until something goes wrong.
Understanding DNS
The Domain Name System is an integral piece of the Internet’s infrastructure, underpinning all the key services that an online business relies upon – domain name or address on the web, email and instant messaging tools, API calls made by web applications, VPNs, online meeting services, and so on and so forth.
All these things depend on the DNS to translate semantic, human-readable domain names into machine readable IP addresses like 195.4.198.151. Virtually everything that we do on the Internet, such as opening a website, browsing through webpages, checking email, or accessing web-based services, relies on the Domain Name System.
The Impact of DNS Failure
As you can imagine, a DNS failure can have serious, or even devastating impacts for a business or organization in terms of lost revenue, trust, and reputation. DNS failure can lead to a variety of issues:
- Service Disruption: DNS serves as a support infrastructure for most applications, content distribution platforms, and many security services. If DNS fails, it can disrupt these services, affecting both productivity and customer experience.
- Business Loss: If customers are unable to reach your website to purchase the goods or services you are selling, a DNS outage will literally lose you money. Your company’s reputation can take a massive hit by losing valuable data, and customers may deem your business unreliable and irresponsible.
- Email Service Disruption: If your DNS fails, it can result in your emails not reaching the inbox of your recipients. DNS is used to verify the authenticity of your email domain through and DNS failures can disrupt this authentication process, potentially damaging your domain’s reputation.
- Negative Impact on SEO Rankings: DNS failures can significantly impact SEO in various ways. If your DNS configuration is flawed or unreliable, it can lead to increased site loading times and frequent outages, both of which are detrimental to SEO rankings. Search engines like Google prioritize fast-loading websites and availability, so any downtime can negatively affect your site’s position in search results.
The Solution: Webnames Anycast DNS
Given the critical importance that a business’ DNS stays up and always running, it’s strongly recommended – and common-sense IT practice – to ensure redundancy and reliability. Website visitors won’t stand for a slowly loading website, and DNS plays a crucial role in customers being able to view a website.
One way to achieve this is through Anycast DNS. This technology allows multiple servers to share the same IP address, meaning that if one server fails, another can seamlessly take over. With an Anycast network, instead of one origin server taking the brunt of the traffic, the load can also be spread across other available data centres, each of which will have servers capable of processing and responding to the incoming request. This routing method can prevent an origin server from extending capacity and avoids service interruptions to clients requesting content from the origin server. In the event of a server failure, Anycast allows for seamless failover to another server. Since multiple servers share the same IP address, if one server fails, the network can automatically reroute requests to another operational server, ensuring uninterrupted service.
Anycast DNS operates on separate machines, with separate internet connections, and in multiple diverse geographical locations. This has several benefits:
- Improved Performance
- Availability and Redundancy
- Load Balancing
- Scalability – so as organizations grow and expand, traffic management can become challenging and Anycast helps manage this growth.
- DDoS Protection
The Importance of Adopting Anycast DNS
Despite the clear benefits of Anycast DNS, many businesses – especially small businesses – neglect to adopt this technology. Why? Mostly because of lack of awareness of the underlying risks, the implications thereof, and how easy and inexpensively proactive measures can be implemented. We also, naively, tend to believe that bad things won’t happen to us. However, recent statistics show a different reality. Cyberattacks against small businesses have been on the rise in recent years. The Insurance Bureau of Canada’s 2023 Cybersecurity Survey found that more than 60% of small businesses believe their business is too small to be targeted by cyber criminals. That number increases to 73% for sole proprietors. Despite nearly 40% of small businesses indicating that they had seen an increase in scam attempts over the last 12 months, 69% do not consider cyber security a financial priority.
Small businesses, however, are not alone in this misconception. Even large organizations with established IT protocols and well-funded departments have DNS configurations that leave them expose to outsized risk. For instance, IDC’s 2023 Global DNS Threat Report revealed that 90% of organizations interviewed experienced one or more DNS attacks, and 73% experienced downtime as a result. In the immediate aftermath of an attack, organizations that experience downtime are likely unable to access important data or applications, leading to revenue loss, missed deadlines, reputational damage, and regulatory fines.
All the statistics presented thus far are both alarming and negligent. They show that traditional measures taken to mitigate the effects of DNS attacks may not be sufficient in today’s digital landscape. This underscores the importance for all businesses, regardless of the size, to implement robust security measures, such as Anycast DNS, to safeguard against cyber threats that are becoming increasingly common and more sophisticated.
Preventative Measures & the Role of Webnames Anycast
While there are several things businesses can do to prevent and mitigate DNS-based attacks, such as making sure operating systems and middleware are up to date, a good starting place is to simply monitor and analyze your traffic. Understanding your traffic patterns will help alert you to unusual occurrences and recognize if and when you are being attacked. The other thing you can do right away – and I mean, like yesterday – is to adopt Anycast DNS.
Another significant advantage of Webnames Anycast service, when compared to other Anycast DNS services, is that it has been built with Canadian businesses and organizations in mind. Our service has 12 nodes situated around the globe, plus an additional 8 nodes running coast-to-coast in Canada, situated close to major Canadian population centres. This means that homegrown traffic moves exceptionally fast, giving Canadian businesses and their clients the fastest possible domain resolution times – in addition to increased resilience against DNS-based attacks.
Webnames Anycast comes with a 100% uptime SLA and is easy to configure – for many businesses, they can be up and running in as little as thirty minutes. We’ll even help you get set up. Also, your domain doesn’t need to be with Webnames to use Anycast, it can be at any provider anywhere in the world, and Anycast can even be used in conjunction with other DNS services.
Final Thoughts from the Pros
As a domain registrar, we see the evidence of this day in and day out, with large numbers of customers not fully utilizing the benefits of Anycast DNS despite our ongoing best practice recommendations to do so. Considering the essential role of DNS in the functioning of the Internet and enterprise network, as well as a vector for the most dangerous cyberattacks, organizations need to prioritize DNS security as a part of their overall cybersecurity strategy.
The escalating frequency, size and intensity of DDoS attacks have made the issue more pressing than ever. As veterans in the domain space for over 20 years, we’ve witnessed firsthand the unprecedented prevalence of these attacks which continue to surge.
In response to this growing threat, we advocate for the use of DNS Anycast, a solution that prioritizes both performance and security. Customers who value fast and reliable web hosting should consider the same for their DNS. In fact, according to the recommendations from the Canadian Centre for Cyber Security for guidance on mitigation strategies for DDoS attacks, implementation of Anycast DNS is one of the best ways to make it more challenging for threat actors to execute these attacks.
The setup is a one-time, quick and easy process. Importantly, there’s no need to alter how you currently manage your DNS records. Anycast operates as a slave to your existing primary DNS server, providing a significant boost in scale and performance. Once the two systems are connected, no further operational changes are required. In essence, DNS Anycast offers a robust solution to the increasing threats of DDoS attacks, ensuring both superior performance and enhanced security.
With 100% uptime provided by Anycast DNS, businesses can enjoy peace of mind knowing their online presence is secure. Simply assuming it isn’t going to happen to you, and therefore your customers, is not a strategy. Adopting Anycast DNS is a proactive step towards ensuring business continuity and security.
So, whether you are a small business, medium-sized organization or major corporation, the future is going to bring new threats. Eliminating service disruptions to your website and downtime of online assets that customers access or employees depend upon should be a business priority in this 24×365 connected world. While there is no way of guaranteeing your business or organization won’t fall victim to a nameserver outage or DNS-based attack, you can take affordable – and we’re talking less than $0.10/day – effective measures to mitigate the threat, stay online and protect your reputation if an attack occurs. Don’t put your business at risk by assuming it can’t or won’t happen to you. Adopt Anycast DNS today!
——–
To learn more about Webnames Anycast, which leverages CIRA’s D-Zone to provide the most extensive Canadian DNS coverage available, visit https://www.webnames.ca/dns/anycast.
Note: This article was originally published in 2017. The facts and statistics have been updated for 2024.