sb-nz logo
Story image

DNS amplification attacks rise twofold in Q1 - report

14 Jun 2018

DNS amplification types of DDoS attacks doubled in the first quarter of 2018 over last quarter, and spiked nearly 700% year-over-year, according to Nexusguard's "Q1 2018 Threat Report."

The quarterly report, which analyses thousands of global cyberattacks, reported that 55 of the attacks were due to exploited Memcached servers.

The vulnerable servers pose a significant new risk if not properly configured, similar to exposed servers enabled by Domain Name System Security Extensions (DNSSEC), a major threat in Q4.

The poor configurations left unchecked can cause the amplified traffic to bring about the highest multiplying effect ever.

Similar to vulnerable IoT devices deployed with little or no security, exposed Memcached servers can give cyber criminals openings to mount attacks amplified by a factor of 51,000 times, making them the most efficient attack tool to date.

Although service providers were able to decrease the number of vulnerable Memcached servers over the past few months, Nexusguard researchers urge organisations to ensure security is built in to devices or services from inception through deployment, including new security configurations and virtual patches throughout lifecycles.

"Cyber attackers continue to seek new vulnerabilities to pursue more firepower, launching more amplification attacks through unguarded Memcached servers and poorly configured DNSSEC-enabled DNS servers the past two quarters, and we expect this trend to continue," says Nexusguard chief technology officer Juniman Kasman.

"To stay ahead of cybercriminals, businesses will need to ensure security is a top priority from development through to rollout, rather than leaving it as an afterthought."

Hackers also continue to favour multi-vector approaches to help launch volumetric attacks, blending combinations of DNS amplification, network time protocol (NTP), universal datagram protocol (UDP) and other popular attack vectors in more than half of all botnets over the last three months.

China and the US-dominated as the top two sources of DDoS attacks in Q1, contributing 15.2% and 14.2% of the botnets, respectively.

Vietnam climbed to third place, contributing more than seven percent of the global attacks.

Nexusguard's quarterly DDoS threat research gathers real-time attack data from botnet scanning, Honeypots, internet service providers (ISPs) and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global cyber security trends.

The Nexusguard Q1 2018 Threat Report is available on the Nexusguard website.

Story image
Rising threat of data breaches among enterprises drives growth in network security revenue
"Key factors leading to the growth of network security market revenue in the Asia Pacific region includes instances of ransomware attacks, targeted attacks and phishing."More
Story image
Check Point a Leader in Firewall Magic Quadrant for 21st Time
It is the 21st time in the company’s history that Check Point has been named a Leader in Gartner’s Magic Quadrant for Enterprise Network Firewalls.More
Story image
The ultimate network security audit checklist
Experts project that losses and damage from cybercrime will skyrocket, with attacks ranging from spam and phishing to malware and spyware — all compromising the safety of sensitive data and proprietary information. These attacks can be minimised by performing network security audits regularly.More
Story image
NetMotion and Netpoleon partner to deliver security platform
Netpoleon will sell, supply and support the NetMotion platform across all states and territories across Australia, and in New Zealand.More
Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More
Story image
DDoS campaigns, BEC scams & Emotet: CERT NZ reports top security threats
It has been yet another tumultuous quarter for New Zealanders and their wallets, with almost $6.4 million in reported financial losses due to cybersecurity incidents.More