Take the First Step Toward Cybersecurity Excellence
Fill in your details below to inquire about Nexusguard Academy or the courses. Whether you're looking to upskill, advance your career, or protect your organization, we have the right training for you.
¿Por qué Nexusguard?
Más de 15 años
de excelencia en ciberseguridad
Más de 100 personas confían en nosotros
Socios ISP globales
Protegiendo a 50 000
ASN en todo el mundo
Más de 40
Centros de depuración de DDoS dedicados
Más información sobre los cursos de Nexusguard Academy
Comencemos la conversación
Estamos aquí para ayudarlo a transformar la protección contra DDoS de una vulnerabilidad constante en una ventaja estratégica para su empresa. Comparta sus datos y nuestro equipo se pondrá en contacto con usted para explorar cómo Nexusguard puede ayudarle a alcanzar sus objetivos.
¿Por qué Nexusguard?
Más de 15 años
de excelencia en ciberseguridad
Más de 100 personas confían en nosotros
Socios ISP globales
Protegiendo a 50 000
ASN en todo el mundo
Más de 40
Centros de depuración de DDoS dedicados
Communications Service Provider
Others
Afghanistan
Albania
Algeria
Andorra
Angola
Antigua and Barbuda
Argentina
Armenia
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bhutan
Bolivia
Bosnia and Herzegovina
Botswana
Brasil
Brunei
Asegure su lugar ahora
Access Your Free Virtual Demo
Discover how Nexusguard’s DDoS protection solutions can save you time, money, and stress. Fill out the form to get instant access to our exclusive virtual demo.
Why Nexusguard?
Over 15 Years
of Cybersecurity Excellence
Trusted by 100+
Global ISP Partners
Protecting 50,000
ASNs Worldwide
40+
Dedicated DDoS Scrubbing Centers
Communications Service Provider
Others
Bulgaria
Burkina Faso
Burundi
Cabo Verde
Cambodia
Cameroon
Canada
Central African Republic
Chad
Chile
China
Colombia
Comoros
Congo (Congo-Brazzaville)
Costa Rica
Croatia
Cuba
Cyprus
Czechia (Czech Republic)
Côte d'Ivoire
Democratic Republic of the Congo
Denmark
Djibouti
Dominica
Dominican Republic
Secure Your Spot Now
DDoS Amplification Attacks Skyrocketed in Q4, Revealed by Nexusguard Research
Published On
March 13, 2018
More than half of all attacks exploit multiple vector combinations.
Distributed denial of service (DDoS) attacks using domain name server (DNS) amplification increased more than 357 percent in the fourth quarter of 2017, compared to 2016, according to Nexusguard’s “Q4 2017 Threat Report.” The quarterly report, which measured thousands of attacks from around the world, attributes the skyrocketing attacks to servers enabled with Domain Name System Security Extensions (DNSSEC), a significant new risk if not properly configured. Although they’re intended to add integrity and security to the DNS protocol, DNSSEC-enabled servers can be deliberately targeted to reflect amplification attacks, due to the large size of the responses they generate.
Nexusguard’s quarterly distributed denial of service (DDoS) reports are based on the company’s collection of real-time data regarding threats facing enterprises and service provider networks around the world. The company gathers data from botnet scanning, Honeypots, internet service providers (ISPs) and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global attack trends. Although the overall number of DDoS attacks fell 12 percent compared to the same period last year, a new class of powerful botnets may appear from wider DNSSEC adoption. Nexusguard warns teams to evaluate the DNSSEC response and security flaw to strengthen systems against future attacks.
“Enterprises have worked hard to patch against snooping, hijacking and other DNS abuses; however, improperly configured DNSSEC-enabled nameservers may be a new plague for unprepared teams,” said Juniman Kasman, chief technology officer for Nexusguard. “Admins and IT teams need to check security for the entire network, as well as correctly configure DNSSEC on the domain to properly harden servers against these new attacks.”
Hackers also continue to favor multi-vector attacks, blending combinations of network time protocol (NTP), universal datagram protocol (UDP), DNS and other popular attack vectors in more than half of all botnets over the past year, according to Nexusguard’s “2017 DDoS Attack Landscape” infographic. China and the U.S. continued to reign as the top two sources of DDoS attacks in Q4, contributing 21.8 percent and 14.3 percent of the botnets, respectively. South Korea climbed to third place, contributing nearly six percent of the global attacks, up from sixth place last quarter.
Read the full "Q4 2017 Threat Report" for more details.
Distributed denial of service (DDoS) attacks using domain name server (DNS) amplification increased more than 357 percent in the fourth quarter of 2017, compared to 2016, according to Nexusguard’s “Q4 2017 Threat Report.” The quarterly report, which measured thousands of attacks from around the world, attributes the skyrocketing attacks to servers enabled with Domain Name System Security Extensions (DNSSEC), a significant new risk if not properly configured. Although they’re intended to add integrity and security to the DNS protocol, DNSSEC-enabled servers can be deliberately targeted to reflect amplification attacks, due to the large size of the responses they generate.
Nexusguard’s quarterly distributed denial of service (DDoS) reports are based on the company’s collection of real-time data regarding threats facing enterprises and service provider networks around the world. The company gathers data from botnet scanning, Honeypots, internet service providers (ISPs) and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global attack trends. Although the overall number of DDoS attacks fell 12 percent compared to the same period last year, a new class of powerful botnets may appear from wider DNSSEC adoption. Nexusguard warns teams to evaluate the DNSSEC response and security flaw to strengthen systems against future attacks.
“Enterprises have worked hard to patch against snooping, hijacking and other DNS abuses; however, improperly configured DNSSEC-enabled nameservers may be a new plague for unprepared teams,” said Juniman Kasman, chief technology officer for Nexusguard. “Admins and IT teams need to check security for the entire network, as well as correctly configure DNSSEC on the domain to properly harden servers against these new attacks.”
Hackers also continue to favor multi-vector attacks, blending combinations of network time protocol (NTP), universal datagram protocol (UDP), DNS and other popular attack vectors in more than half of all botnets over the past year, according to Nexusguard’s “2017 DDoS Attack Landscape” infographic. China and the U.S. continued to reign as the top two sources of DDoS attacks in Q4, contributing 21.8 percent and 14.3 percent of the botnets, respectively. South Korea climbed to third place, contributing nearly six percent of the global attacks, up from sixth place last quarter.
Read the full "Q4 2017 Threat Report" for more details.
Ready to Safeguard Your Web Assets?
Protect your critical infrastructure effortlessly with Nexusguard’s reliable and easy-to-manage DDoS protection. Speak with one of our network security experts to learn how we can simplify your security operations and give you peace of mind.
