The Domain Name System (DNS) is pervasive. Collectively, we use it billions of times a day, often without even knowing that it exists. For enterprises, it is their digital identity as well as a critical component of their security architecture. In short: DNS is everywhere, and there are many DNS servers on the Internet. Because DNS runs over UDP, a connectionless protocol in which the source address of a request is not verified, it can be abused for amplification attacks.
Impact of running open recursive DNS servers
DNS can have an amplification factor of up to 179. In other words: 1 byte of request traffic turns into 179 bytes of DDoS traffic. If only 1000 vulnerable DNS servers, each with a mere 10 Mbit/sec connection, participate in a DNS amplification DDoS attack, the resulting DDoS size will be 1790 Gbit/sec. As a side note: the DDoS attack that brought Spamhaus down and nearly brought Cloudflare to its knees was a mere ~100 Gbit/sec.
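The configuration that turns a resolver into one of those "vulnerable DNS servers" is usually a single line. The following is an added example, not from the original post, assuming a BIND 9 server: the weak options block that makes it an open recursive resolver, beside a hardened block that limits recursion to the operator's own networks (the `trusted` ACL and the 192.0.2.0/24 range are placeholders). Only one of the two `options` blocks belongs in a real named.conf.

```conf
// WEAK: an open recursive resolver. Anyone on the Internet can send a
// small spoofed query here and have the (much larger) answer delivered
// to the spoofed victim address.
options {
    recursion yes;
    allow-recursion { any; };
};

// HARDENED: recursion and cache access only for our own clients.
// 192.0.2.0/24 is a placeholder; substitute the networks you actually serve.
acl "trusted" { 127.0.0.0/8; ::1/128; 192.0.2.0/24; };

options {
    recursion yes;
    allow-recursion   { trusted; };   // outside clients get REFUSED, not an answer
    allow-query-cache { trusted; };   // cached answers are not served to outsiders either
    rate-limit {
        responses-per-second 10;      // Response Rate Limiting blunts reflection off
    };                                // authoritative answers, which must stay public
};
```

After reloading, a recursive query from an address outside the ACL should come back with status REFUSED, which is the check to run before assuming the server is no longer usable as a reflector.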