The majority (92 percent) of organizations are taking steps to minimise the risk from amplified distributed denial-of-service (DDoS) attacks utilising Memcached servers, according to new survey-based research from the Neustar International Security Council (NISC).
With security researchers already issuing a variety of warnings, Memcached has dominated recent cyber security headlines, delivering amplified DDoS cyber-attacks. The rise in these threats has clearly not gone unnoticed; with 98 percent of survey respondents agreeing the attacks will become the ‘norm’.
In order to avoid becoming the next victim of Memcached, organizations have taken a number of precautions, including installing firewalls (62 percent), consulting DDoS mitigation providers and security professionals (53 percent), limiting external traffic to ports (38 percent) and installing the latest Memcached 1.5.6 version, which disables UDP protocol (33 percent).
The survey also revealed that during January and February this year, DDoS attacks – such as Memcached – were most likely to be perceived as an increasing threat to organizations at 46 percent, with ransomware (45 percent) and social engineering (44 percent) following closely behind. Overall, 43 percent of respondents claimed to have been on the receiving end of a DDoS attack.
Rodney Joffe, Chairman of NISC and Neustar Senior Vice President and Fellow, commented on the findings: “Cyber-criminals are constantly innovating to create more covert, more powerful and more crippling forms of attacks, with the latest addition to the mix being Memcached.”
“The potency of these type of attacks and their ability to flood victims with Internet traffic has left organizations overwhelmed and clearly worried about where the next cyber-threat will come from. However, while operating with a number of individual traits, Memcached attacks do still share some similarities with all other DDoS amplification attacks, meaning we have a starting point to learning how to mitigate against them.”
“For organizations to stand a chance at protecting their servers and more broadly, their business, User Datagram Protocol (UDP) on the inappropriate ports should be disabled and the necessary DDoS mitigation should be in place. While these are low-level tactics, many enterprises are still failing to implement them, leaving themselves vulnerable and unsecure.”
In March 2018, 301 interviews were completed across five EMEA markets: France, Germany, Italy, Spain and the UK, as well as in the US. Survey respondents hold senior positions such as CTO, Director of IT and Security Consultant, including business managers, senior directors and other professionals with a security remit.