Home / / 'Unprecedented' spike in DDoS attack size reported

'Unprecedented' spike in DDoS attack size reported

Spike driven by proliferation of NTP reflection/amplication attacks, says Arbor Networks

'Unprecedented' spike in DDoS attack size reported
Average NTP traffic globally in February 2014 was 351.64 GB/s, Arbor said

Arbor Networks has reported an "unprecedented" spike in the size of volumetric DDoS attacks in Q1 2014, driven by the proliferation of NTP reflection/amplification attacks.

The report was released along with data derived from Arbor's Atlas threat monitoring infrastructure, a collaborative effort made up of 300 service provider customers which share anonymous traffic data with the vendor.

The data showed that average NTP traffic globally in November 2013 was 1.29 GB/s, but by February 2014, it was 351.64 GB/s. NTP was in 14% of DDoS events overall, but 56% of events over 10 GB/s and 84.7% of events over 100 GB/s, Arbor said.

"The spike in the size and frequency of large attacks so far in 2014 has been unprecedented," said Arbor's director of solutions architects, Darren Anstee. 

"These attacks have become so large, they pose a very serious threat to Internet infrastructure, from the ISP to the enterprise."

NTP is a UDP-based protocol used to synchronise clocks over a computer network. Any UDP-based service including DNS, SNMP, NTP, chargen, and RADIUS is a potential vector for DDoS attacks because the protocol is connectionless and source IP addresses can be spoofed by attackers who have control of compromised or ‘botted' hosts residing on networks which have not implemented basic anti-spoofing measures. 

Arbor said that NTP is popular due to its high amplification ratio of approximately 1,000 times. Furthermore, attacks tools are becoming readily available, making these attacks easy to execute, the vendor added.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.