Cybercriminals Abuse Network Time Protocol for DDOS Attacks
DNS amplification distributed denial-of-service (DDOS) is not the only type of efficient DDOS attack. Over the past days, researchers have spotted Network Time Protocol (NTP) reflection attacks being launched by cybercriminals.
They are abusing poorly configured servers to launch cyberattacks against the systems of various organizations.
On December 16, the number of IPs involved in such attacks peaked at almost 15,000. This is a considerable increase, taking into account that before December 7, the IP count was less than 1,000.
NTP is used to synchronize time between various devices within a network. Since it’s not an important protocol, network administrators often neglect to upgrade it and configure it properly.
According to experts from Symantec, NTP can be a highly efficient DDOS tool. That’s because an attacker can send a small forged request to which the server responds with a large amount of data.