World's largest Denial of Service attack caused by vulnerability in the infrastructure of the web
New method of DoS attack exploits flaw in thousands of 'time keeping servers' that keep internet-connected devices running on the same clock
Hackers have exploited a key vulnerability in the infrastructure of the internet to mount what has been described by security researchers as the world’s largest Denial of Service (DoS) attack.
Hacks of this type are used to overwhelm web services by flooding them with requests for data and are a key weapon in the arsenal of hacking collectives such as Anonymous as well as government bodies.
The severity of DoS attacks are measured in gigabits-per-second (Gbps), with this recent example tipping 400Gbps – more than 100gbps larger than the previous record. The destructive traffic was absorbed by the servers of CloudFlare, a company that specialises in protecting against just such attacks.
Matthew Prince, the chief executive of CloudFlare, commented on Twitter: “Someone’s got a big, new cannon. Start of ugly things to come.”
The attack was exceptional not just due to its size but also because of its method, which took advantage of a type of server that is used to keep time on the internet, a Network Time Protocol (NTP) server.
Thousands of these servers are distributed across the world in order to keep devices in sync with one another. Although as a counting method time simply advances forward, if one system is ahead or behind others problems will quickly arise. For the computers involved emails would arrive before they were sent, or instructions received for events in the past.
In a blogpost by CloudFlare explaining the method, the example is given of an NTP server run by Apple called "time.euro.apple.com". Mac devices which are set to this time-zone will then quietly send requests to the server to make sure their clocks are synchronised. NTP servers themselves are set to Coordinated Universal Time (UTC).
There are two vulnerabilities with this system. Firstly, the information sent out by NTP servers is several times larger than the original request, and secondly these requests are subject to ‘spoofing’, meaning that hackers can trick the servers into sending data back to different addresses.
Combining these two qualities means that NTP servers can be essentially used as amplifiers by hackers. They send requests for data to them and redirect the server’s reply to an unsuspecting site, overwhelming it with traffic.
Sending information about the time might not sound like it would be data intensive, but a simple test conducted by CloudFlare was able to create an “amplification factor” of 206x. This means that a hacker in control of a 1Gbps connection would be able to direct an attack of 206Gbps against a target.
Web admins can implement some simple updates to mitigate these attacks but some in the tech community are worried that ISPs will be too slow – or ignorant – to properly protect their sites. Until all vulnerable systems are fixed, security experts are warning that more attacks like this are likely.
Life & Style blogs
New £3 pill that will help stop you drinking too much available on the NHS
Dame Vivienne Westwood: The former Queen of Punk may now be an establishment pillar, but her work is still controversial – and much copied
Revealed: Lidl’s £4 perfume smells identical to Chanel’s £70 scent - but the difference is in the bottle
Girl, 7, gets Tesco to remove 'stupid' sign suggesting superheroes are 'for boys'
Coke milk? Coca-Cola to launch premium milk brand called Fairlife
Rochester by-election: Ukip gains second MP as Tory defector Mark Reckless holds seat
'Beast of Bolsover' Dennis Skinner takes Ukip MP Mark Reckless to task moments after he is sworn in
Ukip says babies born to immigrants in the UK should be classed as migrants – which would include Nigel Farage’s own children
Rochester by-election: Labour MP Emily Thornberry resigns after posting white van and England flags tweet
The young are the new poor: Sharp increase in number of under-25s living in poverty, while over-65s are better off than ever
Tamir Rice: 12-year-old boy playing with fake gun dies after being shot by Ohio police
- 1 I'm A Celebrity 2014: Jungle security stepped up after murder and 'suspicious death' near to camp
- 2 To help fuel their propaganda machine against the poor, our government has now decided to redefine the word 'welfare'
- 3 Jeremy Hunt: 'I took my children to A&E because I didn't want to wait for GP appointment'
- 4 Girl, 7, gets Tesco to remove 'stupid' sign suggesting superheroes are 'for boys'
- 5 This letter from a reader explains why women can’t play football
iJobs Gadgets & Tech
Negotiable: Argyll Scott International: Senior Business Analyst - Insurance ...
Negotiable: Recruitment Genius: This consulting firm are searching for an Adva...
£20000 - £26000 per annum: Ashdown Group: Desktop Support Analyst - Sutton, Su...
£15k - 18k per year + Benefits & OTE: Opilio Recruitment: Digital Media, Mob...