Turkey DNS Servers Under Attack

Since Monday December 14th, Turkey’s DNS servers, ns1.nic.tr – ns5.nic.tr, have been the target of a persistent denial of service attack. This 40Gbps amplification attack targeted all 5 nic.tr servers and saw peaks close to 200 Gbps.  The attack left more than 400,000 websites down in Turkey and DNS servers unable to respond to queries.



All traffic to Turkey was eventually cut off in an attempt to mitigate the attack. As of December 20th the DNS servers were still being targeted. The attacks are coming from spoofed addresses, masking the origin of the attack.

Recently Anonymous has taken credit for the attacks under the ongoing operation, OpISIS.  In a newly release video by Anonymous they claim they are targeting Turkey due to Erdogan’s support of ISIS.  They go on to claim that Turkey is buying oil from ISIS and vows to keep attacking until they stop supporting them.

Video by Anonymous – Message to Turkey: https://youtu.be/0m9lzxXIDBU

Please read Radware’s Emergency Response Team alert for further details.

Daniel Smith

Daniel is the Head of Research for Radware’s Threat Intelligence division. He helps produce actionable intelligence to protect against botnet-related threats by working behind the scenes to identify network and application-based vulnerabilities. Daniel brings over ten years of experience to the Radware Threat Intelligence division. Before joining, Daniel was a member of Radware’s Emergency Response Team (ERT-SOC), where he applied his unique expertise and intimate knowledge of threat actors’ tactics, techniques, and procedures to help develop signatures and mitigate attacks proactively for customers.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center