Massive Denial-of-Service Attacks Pick Up Steam, New Nefarious Techniques Network World (01/14/14) Messmer, Ellen The recent distributed denial-of-service (DDoS) attacks on several online gaming sites used a new type of assault on the victims. A network time protocol (NTP) amplification attack used publicly accessible NTP servers to overwhelm a victim system with UDP traffic. This is the first time Ive ever seen volumetric NTP at noteworthy levels, says Black Lotus CEO Shawn Marck, CEO. The DerpTrolling group took credit for the attack. Although Marck believes the group did it for the thrill of disrupting online games, the hit is regarded as dangerous proof of a new DDoS attack vector. The U.S. Computer Emergency Readiness Team says unpatched vulnerabilities allowed the servers to be exploited. However, Defense.net founder Barrett Lyon believes the older NTP servers cannot prevent the level of exploitation in NTP amplification attacks because the older gear does not support processes such as rate-limiting that might prevent it. In addition, some attackers are taking an unusual approach by exploiting the latest mobile devices to launch DDoS attacks.
Posted on: Fri, 17 Jan 2014 02:30:28 +0000