- Anzeigen -


Sie sind hier: Home » Markt » World-wide News » Products & News

NTP amplification attacks


Prolexic Issues High Alert DDoS Attack Threat Advisory
High-Bandwidth NTP Amplification DDoS Attacks Escalate 371 Percent in the Last 30 Days

(11.04.14) - Prolexic Technologies specialist in Distributed Denial of Service (DDoS) protection services, now part of Akamai, issued a high alert threat advisory on NTP amplification DDoS attacks. This attack method has surged in popularity this year, fueled by the availability of new DDoS toolkits that make it simple to generate high-bandwidth, high-volume DDoS attacks against online targets.

"During the month of February, we saw the use of NTP amplification attacks surge 371 percent against our client base," said Stuart Scholly, SVP/GM Security, Akamai Technologies. "In fact, the largest attacks we’ve seen on our network this year have all been NTP amplification attacks."

While NTP amplification attacks have been a threat for many years, a number of new DDoS attack toolkits have made it easier for malicious actors to launch attacks with just a handful of servers. With the current batch of NTP amplification attack toolkits, malicious actors could launch 100 Gbps attacks – or larger – by leveraging just a few vulnerable NTP servers.

A troubling DDoS attack trend

In just one month (February 2014 vs. January 2014):

● >> The number of NTP amplification attacks increased 371.43 percent
● >> Average peak DDoS attack bandwidth increased 217.97 percent
● >> The average peak DDoS attack volume increased 807.48 percent

Unlike the largest attacks of the past two years, the NTP amplification attacks were not focused on any particular sector. Industries targeted by NTP amplification attacks in February included finance, gaming, e-Commerce, Internet and telecom, media, education, software-as-a-service (SaaS) providers and security.

Lesen Sie zum Thema Software-as-a-Service auch: SaaS-Magazin.de (www.saasmagazin.de)

In the Prolexic Security Engineering & Response Team (PLXsert) lab environment, simulated NTP amplification attacks produced amplified responses of 300x or more for attack bandwidth and 50x for attack volume, making this an extremely dangerous attack method.

PLXsert’s NTP Amplification Attack threat advisory provides a detailed analysis of the threat, sample payloads, recommended DDoS protection and mitigation techniques, as well as case studies on two NTP amplification attack campaigns directed against Prolexic clients.

Prolexic Threat Advisories
Designed to provide early warnings of new or modified DDoS denial of service attack signatures and scripts, recently observed by PLXsert, each threat advisory contains a detailed description of the type of DDoS attack, a list of attack signatures, and the specific network infrastructure or application that it targets. In addition, Prolexic’s DDoS mitigation experts also offer insight into the nature of each type of attack, as well as provide specific warnings as to how the attack will affect businesses and enterprises of different sizes and infrastructures. (Akamai: ra)

Akamai: Kontakt und Steckbrief

Der Informationsanbieter hat seinen Kontakt leider noch nicht freigeschaltet.


Meldungen: Products & News

  • NTP amplification attacks

    Prolexic Technologies specialist in Distributed Denial of Service (DDoS) protection services, now part of Akamai, issued a high alert threat advisory on NTP amplification DDoS attacks. This attack method has surged in popularity this year, fueled by the availability of new DDoS toolkits that make it simple to generate high-bandwidth, high-volume DDoS attacks against online targets.

  • Launching Crippling Reflection Attacks

    Prolexic Technologies, specialist in Distributed Denial of Service (DDoS) protection services, issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit. The toolkit makes it faster and easier for malicious actors to launch crippling reflection attacks and will likely be widely adopted in the DDoS-as-a-Service market, potentially increasing the number of attacks.

  • 110609_wor_akt_imperva

    Imperva warns Boy-in-the-Browser (BITB) attacks are gaining force as they continue to evade traditional anti-malware software. Tomer Bitton, from the Imperva Application Defense Center, explains, "Many are familiar with Man-in-the-Browser (MitB) attacks, but most are unaware of the lesser known Boy-in-the-Browser (BitB). Not as sophisticated as MitB, BitB malware has evolved from traditional key loggers and browser session records.

  • 110621_wor_akt_trusteer

    Co-operative Financial Services (CFS) has launched a new free service that protects its customers against the threat of online attacks from fraudsters and cyber criminals. The service called "Trusteer Rapport" provides customers with additional protection for their personal information when they use their computer to access their bank account online. Rapport will also warn customers of further risks such as phishing attacks; prevent Trojans from capturing their details and inhibit any interference with online communications.

  • 110624_wor_akt_imperva