Recent news show the increase of large scale attacks exploiting specific vulnerabilities of the Internet core protocols. In the latest cases, the Network Time Protocol (NTP), which allows synchronizing devices to the coordinated universal time (UTC), has been misused. Specifically, in December 2013, a vulnerability in this UDP protocol became mainstream and started to be exploited for large scale reflection attacks leading to a dramatic increase of the size of denial of services. Luckily, network providers can already put in place a series of known countermeasures to mitigate these threats, as ENISA underlined also for amplification attacks in April 2013.
Published on February 24, 2014