Neustar Research: DNSSEC Reflection Severe DDoS Risk
16.8.2016 13:43 | Business Wire
Neustar, Inc. (NYSE: NSR), a trusted, neutral provider of real-time information services, today published “DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us a research report that details how Domain Name System Security Extensions (DNSSEC) can be subverted as an amplifier in Distributed-Denial-of-Service (DDoS) attacks. Neustar determined that on average, DNSSEC reflection can transform an 80-byte query into a 2,313-byte response, an amplification factor of nearly 30 times, which can easily cause a network service outage during a DDoS attack, resulting in lost revenue and data breaches.
“DNSSEC emerged as a tool to combat DNS hijacking, but unfortunately, hackers have realized that the complexity of these signatures makes them ideal for overwhelming networks in a DDoS attack,” said Joe Loveless, Director Product Marketing, Security Services, Neustar. “If DNSSEC is not properly secured, it can be exploited, weaponized and ultimately used to create massive DDoS attacks.”
DNSSEC was designed to provide integrity and authentication to DNS, which it accomplishes with complex digital signatures and key exchanges. As a result, when a DNS record is transferred to DNSSEC, an extraordinary amount of additional information is created. Additionally, when issuing the DNS command, “ANY,” the amplified response from DNSSEC is exponentially larger than a normal DNS reply.
Key findings and recommendations from “DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us” include:
- DNSSEC Vulnerabilities Are Prolific – Neustar examined one industry with 1,349 domains and determined 1,084 of them (80 percent) could be maliciously repurposed as a DDoS attack amplifier (they were signed with DNSSEC and responded to the “ANY” command).
- The Average DNSSEC Amplification Factor is 28.9 – Neustar tested DNSSEC vulnerabilities with an 80-byte query, which returned an average response of 2,313-bytes. The largest amplification response was 17,377-bytes, 217 times greater than the 80-byte query.
- The Anatomy of a DNSSEC Reflection Attack – Neustar illustrates the command and control servers required to run the botnets and scripts that target DNS name servers to execute DNSSEC amplification attacks.
- Best Practices for Mitigation –For organizations that rely on DNSSEC, Neustar recommends ensuring that your DNS provider does not respond to “ANY” queries or has a mechanism in place to identify and prevent misuse.
“Neustar is focused on using connected sciences to connect people, places and things, which is why network security is so imperative,” said Loveless. “As more organizations adopt DNSSEC, it is critically important to understand how to secure it. The time to fix it is now.”
For more information about “DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us” please visit https://hello.neustar.biz/201608---Security-Services---Trade-Show---Black-Hat_DNSSEC-LP.html.
Every day, the world generates roughly 2.5 quadrillion bits of data. Neustar (NYSE: NSR) isolates certain elements and analyzes, simplifies and edits them to make precise and valuable decisions that drive results. As one of the few companies capable of knowing with certainty who is on the other end of every interaction, we’re trusted by the world’s great brands to make critical decisions some 20 billion times a day. We help marketers send timely and relevant messages to the right people. Because we can authoritatively tell a client exactly who is calling or connecting with them, we make critical real-time responses possible. And the same comprehensive information that enables our clients to direct and manage orders also stops attackers. We know when someone isn’t who they claim to be, which helps stop fraud and denial of service before they’re a problem. Because we’re also an experienced manager of some of the world’s most complex databases, we help clients control their online identity, registering and protecting their domain name, and routing traffic to the correct network address. By linking the most essential information with the people who depend on it, we provide more than 12,000 clients worldwide with decisions—not just data. More information is available at http://www.neustar.biz
Om Business Wire
Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.
Følg saker fra Business Wire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Business Wire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Business Wire
Ford Names New Chairman and CEO for Ford China; New Vice President of Powertrain Engineering23.8.2017 22:00 | Pressemelding
Ford Motor Company today announced a new chairman and CEO of Ford China and head of Powertrain Engineering as it continues to strengthen its global leadership team. Jason Luo is named chairman and CEO Ford China. In his new role, Luo will lead all of the company’s operations in Greater China including its import business, Lincoln, its passenger car joint venture Changan Ford, commercial vehicle investment in Jiangling Motors Corporation, and our operations in Taiwan. Luo, 51, joins Ford from Key Safety Systems, the fastest growing company in the automotive safety market, where he was global president and CEO for the past 10 years. While at Key Safety Systems, he led the business transformation and global expansion of the company and achieved significant revenue growth in China. Luo will be based in Shanghai, reporting to Peter Fleet, Ford group vice preside
Tech21 Announces New Collection Designed to Protect the Samsung Galaxy Note8 Drop After Drop.23.8.2017 17:30 | Pressemelding
Tech21, the leader in impact protection for mobile devices, today announced a new collection of innovative cases and screen shields for the Samsung Galaxy Note8 made of unique, patented impact protection materials that guarantee the most effective drop protection on the market. This Smart News Release features multimedia. View the full release here: http://www.businesswire.com/news/home/20170823005888/en/ Evo Tactical for Samsung Galaxy Note8 (Photo: Business Wire) Tech21 products are designed to protect, drop after drop. The company does this by using scientifically proven impact materials, innovative design and a rigorous testing methodology developed in partnership with the National Physical Laboratory. Tech21 cases are drop tested 20 times to ensure durability and long lasting protection able to withstand the multiple drops that occur in the everyday
2018 AQR Insight Award Call for Papers23.8.2017 15:45 | Pressemelding
AQR Capital Management, LLC (“AQR”) today began accepting submissions for the seventh annual AQR Insight Award. The AQR Insight Award recognizes and rewards exceptional academic papers that have practical applications and offer original, intelligent approaches to issues in the investment world. Up to three papers share a $100,000 annual prize. Winners are chosen by the AQR Insight Award Committee, a panel of senior members of the firm, many of whom are leading academic finance experts from top universities. AQR will accept papers on any investment-related topic as long as they deliver clear, significant insights. Papers must not be published before October 1, 2017. The deadline for entries is November 1, 2017. The Committee will then narrow the finalists to five papers, and the authors of those papers will be invited to present their research to
ANA Announces New Online Content "IS JAPAN COOL? DOU"23.8.2017 15:00 | Pressemelding
Today, All Nippon Airways Co., Ltd. (ANA), Japan’s largest and only 5-Star airline, is proud to announce the launch of its new online content “IS JAPAN COOL? DOU,” which illustrates traditional Japanese culture through the use of cutting-edge technology. This content can be seen on “IS JAPAN COOL?,” a website that promotes tourist destinations and popular Japanese cultures to the world. This Smart News Release features multimedia. View the full release here: http://www.businesswire.com/news/home/20170823005024/en/ "IS JAPAN COOL? DOU" TOP (Graphic: Business Wire) While Japan is widely known for its unique pop culture, “IS JAPAN COOL?,” which launched in 2012, has put much of its focus on promoting Japan’s modern culture. As the number of tourists visiting Japan exceeded 24 million people as of 2016, the project aims to provide a deeper understa
Emailage Receives $10 Million Growth Equity Investment to Accelerate Global Expansion23.8.2017 14:00 | Pressemelding
Emailage, the leading provider of global fraud prevention and identity verification using email address scoring, today announced that it has received a $10 million growth equity investment. Anthos Capital led the investment, with participation from Radian Capital, Wipro Ventures, Mucker Capital and Tallwave Capital. Emailage will use the funding to expand existing partnerships, further advance its powerful email address-based predictive scoring system, and accelerate growth in North America, EMEA, LATAM and other key markets. “This investment will allow us to continue our rapid growth, enhance our leadership position in the online fraud detection market and deliver significant fraud prevention capabilities to businesses around the world,” said Emailage CEO Rei Carvalho. Emailage’s Software-as-a-Service solution delivers powerful, real-time risk intelligence by leveraging the
Westinghouse to Provide Fuel to PSEG’s Salem Nuclear Generating Station Through Continued Partnership23.8.2017 12:15 | Pressemelding
Westinghouse Electric Company today announced that it has signed a nuclear fuel contract extension with PSEG, a major supplier of nuclear power in New Jersey, to continue providing fuel assemblies for both units at the Salem Nuclear Generating Station. “Westinghouse has been the single-source fuel provider for PSEG’s Salem plant since its start of operations more than 40 years ago, and we are pleased to continue to support this important and long-standing customer through the delivery of safe, reliable high-performance fuel,” said David Howell, president, Americas Region, and chief growth officer at Westinghouse. “This continued partnership is recognition of our reliable fuel performance and confirmation of the important trust PSEG has in Westinghouse.” Under the terms of the contract, Westinghouse will deliver its 17x17 Robust Fuel Assemblies, known as RFA-2. The design of
I vårt presserom finner du alle våre siste saker, kontaktpersoner, bilder, dokumenter og annen relevant informasjon om oss.Besøk vårt presserom