Distributed denial of service (DDoS) attacks using domain name server (DNS) amplification increased more than 357 percent in the fourth quarter of 2017, compared to 2016, according to Nexusguard´s “Q4 2017 Threat Report”, the company said.
The quarterly report, which measured thousands of attacks from around the world, attributes the skyrocketing attacks to servers enabled with Domain Name System Security Extensions (DNSSEC), a significant new risk if not properly configured. Although they´re intended to add integrity and security to the DNS protocol, DNSSEC-enabled servers can be deliberately targeted to reflect amplification attacks, due to the large size of the responses they generate.
Nexusguard´s quarterly distributed denial of service (DDoS) reports are based on the company´s collection of real-time data regarding threats facing enterprises and service provider networks around the world. The company gathers data from botnet scanning, Honeypots, Internet service providers (ISPs) and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global attack trends.
Although the overall number of DDoS attacks fell 12 percent compared to the same period last year, a new class of powerful botnets may appear from wider DNSSEC adoption. Nexusguard warns teams to evaluate the DNSSEC response and security flaw to strengthen systems against future attacks.
Hackers also continue to favor multi-vector attacks, blending combinations of network time protocol (NTP), universal datagram protocol (UDP), DNS and other popular attack vectors in more than half of all botnets over the past year, according to Nexusguard´s “2017 DDoS Attack Landscape” infographic. China and the US continued to reign as the top two sources of DDoS attacks in Q4, contributing 21.8 percent and 14.3 percent of the botnets, respectively. South Korea climbed to third place, contributing nearly six percent of the global attacks, up from sixth place last quarter.
Founded in 2008, Nexusguard is the global provider of fighting malicious Internet attacks. Nexusguard protects clients against a multitude of threats, including distributed denial of service (DDoS) attacks, to ensure uninterrupted Internet service. Nexusguard provides comprehensive, highly customized solutions for customers of all sizes, across a range of industries, and also enables turnkey anti-DDoS solutions for service providers. Nexusguard delivers on its promise to maximize peace of mind by minimizing threats and improving uptime. Visit www.nexusguard.com for more information.