Distributed denial of service (DDoS) attacks using domain name server (DNS) amplification increased
more than 357 per cent in the fourth quarter of 2017, compared to 2016, according to Nexusguard's "Q4 2017 Threat Report."
The quarterly report, which measured thousands of attacks from around the world, attributes the skyrocketing attacks to servers enabled with Domain Name System Security Extensions (DNSSEC), a
significant new risk if not properly configured. Although they are intended to add integrity and security to the DNS protocol, DNSSEC-enabled servers can be deliberately targeted to reflect amplification attacks, due to the large size of the responses they generate.
Nexusguard's quarterly distributed denial of service (DDoS) reports are based on the company's collection of real-time data regarding threats facing enterprises and service provider networks around the world. The company gathers data from botnet scanning, Honeypots, internet service providers (ISPs) and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global attack trends.
Although the overall number of DDoS attacks fell 12 per cent compared to the same period last year, a new class of powerful botnets may appear from wider DNSSEC adoption. Nexusguard warns teams to
evaluate the DNSSEC response and security flaw to strengthen systems against future attacks.
"Enterprises have worked hard to patch against snooping, hijacking and other DNS abuses; however, improperly configured DNSSEC-enabled nameservers may be a new plague for unprepared teams," said Juniman Kasman, chief technology officer for Nexusguard. "Admins and IT teams need to check security for the entire network, as well as correctly configure DNSSEC on the domain to properly harden servers against these new attacks."
Hackers also continue to favour multi-vector attacks, blending combinations of network time protocol (NTP), universal datagram protocol (UDP), DNS and other popular attack vectors in more than half of all botnets over the past year, according to Nexusguard's "2017 DDoS Attack Landscape" infographics.
China and the US continued to reign as the top two sources of DDoS attacks in Q4, contributing 21.8 per cent and 14.3 per cent of the botnets, respectively. South Korea climbed to third place, contributing nearly six per cent of the global attacks, up from sixth place last quarter.
Read the full "Q4 2017 Threat Report" for more details.
Founded in 2008, Nexusguard is the global leader in fighting malicious Internet attacks. Nexusguard
protects clients against a multitude of threats, including distributed denial of service (DDoS) attacks, to ensure uninterrupted Internet service. Nexusguard provides comprehensive, highly customised solutions for customers of all sizes, across a range of industries, and also enables turnkey anti-DDoS solutions for service providers. Nexusguard delivers on its promise to maximize peace of mind
by minimisng threats and improving uptime. Visit www.nexusguard.com for more information. 
