DNS amplification attacks surged by 1000% in the second quarter of this year, a new report by Nexusguard shows. Researchers trace the explosion in amplification campaigns to Domain Name System Security Extensions (DNSSEC).
A recent mandate by the US Office of Management and Budget orders government domains to implement DNSSEC as a security measure against DNS cache poisoning attacks. While DNSSEC provides protection against such attacks, Nexusguard found that threat actors are taking advantage of the long responses generated by DNSSEC in order to amplify DNS traffic.
Read more: DNS amplification attacks increase by 1,000% since 2018