The biggest DDoS attack in history, which exploited a Network Time Protocol vulnerability, was recorded this week, according to the BBC. The attack measured 400+ gigabits per second, 100 Gbps larger than the one on Spamhaus.
The Network Time Protocol (NTP) is a network protocol for synchronizing clocks between computer systems and has been in operation since 1985. Although it has been revised since then, it still operates in much the same way.
“Very big NTP reflection attack hitting us right now,” Matthew Prince, co-founder and CEO of CloudFlare, tweeted. “If you want us to stop a 400Gbps+ DDoS attack for you, don’t pay with a stolen credit card.”
NTP's vulnerability stems from the fact that an NTP server sends back more data than it receives, which instantly amplifies the attack. An NTP server can also be tricked into sending that data somewhere else by “spoofing” the location of the computer that requested it.
This is what the hackers allegedly did in this attack, ultimately diverting the data to a precise target. The attack was directed at servers in Europe but the target was not clear.
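The asymmetry described above is something an NTP server operator can measure. The following is an added example, not part of the original article: it totals request and response bytes per peer from flow records and flags peers that receive far more than they sent, which are the likely spoofed targets. The flow tuple layout, the thresholds and the documentation-range addresses are assumptions made for illustration.

```python
from collections import defaultdict

NTP_PORT = 123  # UDP port NTP servers listen on

# Constructed flow records seen at one NTP server's network edge:
# (src_ip, src_port, dst_ip, dst_port, bytes). All values are made up.
SERVER = "192.0.2.10"
FLOWS = [
    ("198.51.100.7", 40001, SERVER, NTP_PORT, 48),     # normal client query
    (SERVER, NTP_PORT, "198.51.100.7", 40001, 48),     # same-size reply
    ("203.0.113.5", 80, SERVER, NTP_PORT, 2_400),      # small requests "from" .5
    (SERVER, NTP_PORT, "203.0.113.5", 80, 1_100_000),  # far larger replies to .5
    ("198.51.100.9", 40002, SERVER, NTP_PORT, 96),
    (SERVER, NTP_PORT, "198.51.100.9", 40002, 96),
]


def reflection_suspects(flows, server, min_ratio=10.0, min_bytes_out=100_000):
    """Return {peer_ip: (bytes_in, bytes_out, ratio)} for peers the server
    answers with far more data than they sent. Thresholds are assumptions."""
    bytes_in = defaultdict(int)   # request bytes the server received per peer
    bytes_out = defaultdict(int)  # response bytes the server sent per peer
    for src, sport, dst, dport, size in flows:
        if dst == server and dport == NTP_PORT:
            bytes_in[src] += size
        elif src == server and sport == NTP_PORT:
            bytes_out[dst] += size

    suspects = {}
    for peer, sent in bytes_out.items():
        received = bytes_in.get(peer, 0)
        # Replies with no matching request count as infinite amplification.
        ratio = sent / received if received else float("inf")
        if sent >= min_bytes_out and ratio >= min_ratio:
            suspects[peer] = (received, sent, ratio)
    return suspects


if __name__ == "__main__":
    for peer, (rx, tx, ratio) in reflection_suspects(FLOWS, SERVER).items():
        print(f"{peer}: received {rx} B, sent {tx} B, ratio {ratio:.0f}x")
```

A flagged peer is most likely the victim whose address was spoofed, not the sender of the requests, so the useful response is to restrict or rate-limit what the server answers rather than to block that peer.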
Malicious use of NTP was predicted a while ago by Prof Alan Woodward of Surrey University and by CloudFlare in a published report.
This attack is just the beginning, according to Prince's tweet: “Start of ugly things to come.”
Still the youngest Bitdefender News writer, Lucian is constantly after flash news in the security industry, especially when something is vulnerable or exploited.