NTP amplification DDoS attacks on the up

Prolexic Technologies, an expert in Distributed Denial of Service (DDoS) protection services, has issued a high alert threat advisory on NTP amplification DDoS attacks. This attack method has surged in popularity this year, fuelled by the availability of new DDoS toolkits that make it simple to generate high-bandwidth, high-volume DDoS attacks against online targets. A Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible NTP servers to overwhelm a victim system with traffic.

“During the month of February, we saw the use of NTP amplification attacks surge 371 percent against our client base,” said Stuart Scholly, SVP/GM Security, Akamai Technologies, Prolexic’s parent company. “In fact, the largest attacks we’ve seen on our network this year have all been NTP amplification attacks.”

While NTP amplification attacks have been a threat for many years, a number of new DDoS attack toolkits have made it easier for malicious actors to launch attacks with just a handful of servers. With the current batch of NTP amplification attack toolkits, malicious actors could launch 100 Gbps attacks – or larger – by leveraging just a few vulnerable NTP servers.

Between January and February this year:

●The number of NTP amplification attacks increased 371.43 percent

●Average peak DDoS attack bandwidth increased 217.97 percent

●The average peak DDoS attack volume increased 807.48 percent

Unlike the largest attacks of the past two years, the NTP amplification attacks were not focused on any particular sector. Industries targeted by NTP amplification attacks in February included finance, gaming, e-Commerce, internet and telecom, media, education, software-as-a-service (SaaS) providers and security.

In the Prolexic Security Engineering & Response Team (PLXsert) lab environment, simulated NTP amplification attacks produced amplified responses of 300x or more for attack bandwidth and 50x for attack volume, making this an extremely dangerous attack method.

A complimentary copy of the threat advisory is available at www.prolexic.com/ntp-amplification.

Check Also

Scientific Games unveils three new employees to its leadership team

Scientific games has strengthened its leadership team by announcing three new additions to the company.  …

German Länder eye gambling supervisory unit opportunities

Bundesrat debate has begun on which Länder (state) legislator should become the leading ‘supervisory authority’ …

William Hill to reshuffle leadership after O’Brien and Whitlam step down

William Hill continues to see a number of changes to its senior management after Ciaran …