DNS amplification attacks have grown 4,788 per cent in the third quarter of 2018, a new Nexusguard Threat Report says. The report claims that Domain Name System Security Extensions (DNSSEC) are still the main growth drivers for the attacks, but adds that there has been a “sharp rise” in TCP SYN Flood attacks.
Although not exactly a novelty, these attacks have risen in popularity as hackers learned how to make them more sophisticated and harder to tackle. These attacks are now the third most popular type, right behind DNS amplification and HTTP flood attacks.
Nexusguard says that criminals usually go for attack types that allow them to amplify damage beyond required resources, something that wasn’t exactly easy to achieve with DNS amplification. That being said, SYN Flood reflection attacks are growing in popularity as any server with an open TCP port can be used as a solid attack vector.
SYN Flood reflection attacks can wreak havoc not only on the victim, but on other individuals, businesses and their organisations. As a result of the attack, these collaterals end up processing large volumes of spoofed requests, sending bandwidth fees sky high.
“Our research findings revealed that even plain-vanilla network attacks could be turned into complex, stealthy attacks leveraging advanced techniques, from the bit-and-piece attacks, also known as carpet bombing, we identified last year, to the emergence of Distributed Reflective DoS (DRDoS) attacks in the third quarter," said Juniman Kasman, chief technology officer for Nexusguard.
"Telcos and enterprises must take note while these tactics don’t cause notable strain on network bandwidth, which may go undetected, but that they are powerful enough to impact their service. Advanced mitigation techniques are required to address these threats.”
The full report can be found on this link.