Neustar Research: DNSSEC Reflection Severe DDoS Risk
Neustar, Inc. (NYSE: NSR), a trusted, neutral provider of real-time information services, today published “DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us a research report that details how Domain Name System Security Extensions (DNSSEC) can be subverted as an amplifier in Distributed-Denial-of-Service (DDoS) attacks. Neustar determined that on average, DNSSEC reflection can transform an 80-byte query into a 2,313-byte response, an amplification factor of nearly 30 times, which can easily cause a network service outage during a DDoS attack, resulting in lost revenue and data breaches.
“DNSSEC emerged as a tool to combat DNS hijacking, but unfortunately, hackers have realized that the complexity of these signatures makes them ideal for overwhelming networks in a DDoS attack,” said Joe Loveless, Director Product Marketing, Security Services, Neustar. “If DNSSEC is not properly secured, it can be exploited, weaponized and ultimately used to create massive DDoS attacks.”
DNSSEC was designed to provide integrity and authentication to DNS, which it accomplishes with complex digital signatures and key exchanges. As a result, when a DNS record is transferred to DNSSEC, an extraordinary amount of additional information is created. Additionally, when issuing the DNS command, “ANY,” the amplified response from DNSSEC is exponentially larger than a normal DNS reply.
Key findings and recommendations from “DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us” include:
- DNSSEC Vulnerabilities Are Prolific – Neustar examined one industry with 1,349 domains and determined 1,084 of them (80 percent) could be maliciously repurposed as a DDoS attack amplifier (they were signed with DNSSEC and responded to the “ANY” command).
- The Average DNSSEC Amplification Factor is 28.9 – Neustar tested DNSSEC vulnerabilities with an 80-byte query, which returned an average response of 2,313-bytes. The largest amplification response was 17,377-bytes, 217 times greater than the 80-byte query.
- The Anatomy of a DNSSEC Reflection Attack – Neustar illustrates the command and control servers required to run the botnets and scripts that target DNS name servers to execute DNSSEC amplification attacks.
- Best Practices for Mitigation –For organizations that rely on DNSSEC, Neustar recommends ensuring that your DNS provider does not respond to “ANY” queries or has a mechanism in place to identify and prevent misuse.
“Neustar is focused on using connected sciences to connect people, places and things, which is why network security is so imperative,” said Loveless. “As more organizations adopt DNSSEC, it is critically important to understand how to secure it. The time to fix it is now.”
For more information about “DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us” please visit https://hello.neustar.biz/201608---Security-Services---Trade-Show---Black-Hat_DNSSEC-LP.html.
Every day, the world generates roughly 2.5 quadrillion bits of data. Neustar (NYSE: NSR) isolates certain elements and analyzes, simplifies and edits them to make precise and valuable decisions that drive results. As one of the few companies capable of knowing with certainty who is on the other end of every interaction, we’re trusted by the world’s great brands to make critical decisions some 20 billion times a day. We help marketers send timely and relevant messages to the right people. Because we can authoritatively tell a client exactly who is calling or connecting with them, we make critical real-time responses possible. And the same comprehensive information that enables our clients to direct and manage orders also stops attackers. We know when someone isn’t who they claim to be, which helps stop fraud and denial of service before they’re a problem. Because we’re also an experienced manager of some of the world’s most complex databases, we help clients control their online identity, registering and protecting their domain name, and routing traffic to the correct network address. By linking the most essential information with the people who depend on it, we provide more than 12,000 clients worldwide with decisions—not just data. More information is available at http://www.neustar.biz
Om Business Wire
(c) 2018 Business Wire, Inc., All rights reserved.
Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.
Følg saker fra Business Wire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Business Wire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Business Wire
Summer Business with Yourtyres.co.uk: New Shop Feature and High-Performance Tyre Models16.3.2018 14:11 | Pressemelding
Each year, summer trade means great challenges for car garages and tyre dealers. As a result and at just the right time, Yourtyres.co.uk, the online trade customer shop by Europe’s leading online tyre dealer Delticom, is introducing a new feature intended to make the daily work of the shop’s customers easier: An advice mode is available from now on at Yourtyres.co.uk. When changing from the purchasing to the sales view, the individual end customer prices are displayed instead of the actual purchase prices. In order to use this feature, users of Yourtyres.co.uk simply have to insert their individual markups for the different item groups. From the markup and the purchase price, the online shop automatically calculates the personal end customer price. The usual purchasing view is also still available. This press release features multimedia. View the full release here: http://www.businesswire.com/news/home/20180316005448/en/ An advice mode immediately helps trade customers use the full pot
Available Now: The Smartphone Made for the Way We Communicate Today, the Galaxy S9 and S9+16.3.2018 12:00 | Pressemelding
Samsung Electronics America, Inc. announced that the new, award-winning Galaxy S9 and Galaxy S9+, which have been recognized by smartphone reviewers worldwide for their best-in-class display, design and camera, are now available for purchase at U.S. wireless network providers and retail stores. The phones come in three colors: Midnight Black, Coral Blue, and the new Lilac Purple. The Galaxy S9 has a suggested retail price of $719.99, while the Galaxy S9+ is available for $839.99. Both unlocked and carrier versions of the Galaxy S9 and Galaxy S9+ are also available for purchase on Samsung.com. This press release features multimedia. View the full release here: http://www.businesswire.com/news/home/20180316005175/en/ Designed for the way we communicate today, Samsung's new Galaxy S9 and Galaxy S9+ are available in the U.S. at wireless network providers, retailers and on Samsung.com. (Photo: Business Wire) “The Galaxy S9 and S9+ are designed for the visual and social generation—the consum
CONQUEST Group Announced the Expansion of its Asset Management Business with the Appointment of Philippe Taillardat to the Role of Director16.3.2018 09:00 | Pressemelding
Philippe Taillardat brings to CONQUEST over 25 years of Asset Management and Investment Banking experience, primarily in principal investing, financial advisory, equity and debt financing across global infrastructure and sustainable energy sectors. This press release features multimedia. View the full release here: http://www.businesswire.com/news/home/20180316005030/en/ Philippe Taillardat (Photo: CONQUEST Group) Philippe was most recently Co-Head of Infrastructure Investments Europe at First State Investments, which he helped transform into one of the leading billion+ European infrastructure fund manager in core / core+ strategies. Earlier in his career, Philippe held various senior banker and investment roles at Amundi, Credit Agricole CIB, Credit Suisse, AXA and BNP Paribas. Frédéric Palanque, Managing Director of CONQUEST Group, said, "We are delighted to welcome such a recognized professional. CONQUEST is trusted for providing value-added advice in complex and highly confidential
AccelStor All-Flash Solutions Unlock Data Possibilities for AI and Cloud16.3.2018 09:00 | Pressemelding
AccelStor, an innovative all-flash array (AFA) provider for the big data era, is excited to announce its participation in the upcoming Cloud Expo Europe, taking place from March 21 to 22 at Booth C1850 in the ExCel London exhibition centre. Besides presenting latest all-flash storage solutions breaking through performance and availability barriers for artificial intelligence (AI), virtualization and private cloud, AccelStor will present a live demonstration of its new generation NeoSapphire high availability models, one of the highlights not to be missed this year. This press release features multimedia. View the full release here: http://www.businesswire.com/news/home/20180316005010/en/ AccelStor's new generation NeoSapphire High Availability all-flash array AccelStor NeoSapphire all-flash arrays are highly integrated with virtualization and private cloud platforms, supporting VMware vSphere and OpenStack Cinder. NeoSapphire’s “high availability” series features symmetric active-activ
Westinghouse Completes First Major Decommissioning Work at a Nordic Commercial Nuclear Reactor16.3.2018 08:45 | Pressemelding
Westinghouse Electric Company announced today that it has completed a major decommissioning project at the former Barsebäck nuclear power plant in Skåne, Sweden. Barsebäck Unit 2 ceased operation in 2005 and decommissioning work began in August 2016. Westinghouse’s scope of work included the underwater segmentation and packaging of the reactor vessel internals, as well as the upfront engineering studies and equipment manufacturing and qualification. “Westinghouse is proud to deliver this major decommissioning project on time and on budget,” said Yves Brachet, Westinghouse senior vice president, Global Decommissioning, Decontamination, Remediation and Waste Management. “Our global expertise in this area will help our customers in the Nordic region to safely manage a variety of end-of-life opportunities for commercial nuclear power plants.” Leadership at Barsebäck Kraft AB (BKAB) is equally satisfied with this successful initial step of the first dismantling of a commercial nuclear power
Lighting Manufacturer LTS Licht & Leuchten, Part of the Fargerhult Group, to Offer Selected Spot- & Downlights with Seoul Semiconductor’s SunLike Series Natural Spectrum LEDs16.3.2018 08:02 | Pressemelding
Seoul Semiconductor, a global innovator of LED products and technology, announced that its SunLike Series natural spectrum LEDs, which implement light closest to the spectrum of natural sunlight, has been adopted for selected luminaires of LTS Licht & Leuchten GmbH, a German manufacturer of high-quality luminaires for hospitality, retail, and office applications. This press release features multimedia. View the full release here: http://www.businesswire.com/news/home/20180316005206/en/ LTS Jett 100 spotlights equipped with SunLike LED technology (Photo: Business Wire) LTS has adopted SunLike natural spectrum LEDs for selected products, including the Jett 100 and CSA 60 spotlights. A series of spotlights with a discreet and individual appearance, and clear, straightforward design lines, Jett spotlights harmoniously blend in with any type of retail application. The high color rendering and superior luminous intensity of these spotlights enable lighting designers to achieve accentuated ar