Enterprise networks and telcos must take heed of the resurgence of old threats to avoid junk traffic consuming user bandwidth
SAN FRANCISCO, USA - Media OutReach - 6 January 2020 - DNS amplification attacks continue to increase in number, growing 4,788% over Q3 2018, according to Nexusguard's Q3 2019 Threat Report. DNSSEC (Domain Name System Security Extensions) remains the main driver of growth of DNS amplification attacks in the quarter, yet Nexusguard analysts have detected a sharp and concerning rise in TCP SYN Flood attacks. TCP SYN Flood is not a new method, but findings indicate that techniques have grown in sophistication and have emerged as the third most used attack vector, behind DNS amplification and HTTP flood attacks.
Cyberattackers have long favored DDoS attacks that amplify damage beyond the resources required, but suitable reflectors or amplifiers are not as widely available for DNS amplification and memcached reflection attacks. In contrast, any server with an open TCP port is an ideal attack vector, and such reflectors are widely available and easy to access to cause SYN Flood reflection attacks.
Consequently, SYN Flood reflection not only hits targeted victims, but also can impact innocent users, including individuals, businesses, and other organizations. These innocent victims end up having to process large volumes of spoofed requests and what appear to be legitimate replies from the attack target. As a result, bystanders can incur hefty fees for bandwidth consumed by junk traffic, or even suffer from secondary outages.
"Our research findings revealed that even plain-vanilla network attacks could be turned into complex, stealthy attacks leveraging advanced techniques, from the bit-and-piece attacks, also known as carpet bombing, we identified last year, to the em ..
Support the originator by clicking the read the rest link below.
