Massive Cyber-attack an “Ugly Sign of the Future” for Online Threats

by Matt Klassen on February 13, 2014

Hackers were able to exploit an antiquated protocol within the very structure of the Internet to wage a massive cyber-attack across Europe, online security specialist Cloudflare reported earlier this week, one that the firm believes is the “start of ugly things to come.” The attack, which reached more than 400Gbps at its peak, is the largest Denial of Service (DoS) attack on record—a particular kind of cyber-attack that forces huge amounts of data on a particular target, causing it to fail.

The cyber-criminals were able to use weaknesses inherent in the Network Time Protocol (NTP), a backbone system used to synchronise computer clocks, to overwhelm servers with massive amounts of data traffic. Although the target of this particular attack is unknown, experts warn that similar crippling DoS attacks built on such outdated protocols could be employed against popular services, forcing them offline.

So what does this mean? For starters, the antiquated foundation of the Internet is just that, old and obsolete. No matter how many times such protocols are updated or overhauled, the reality is that they’re based on programming that is now almost 30 years old, and hackers will continue to find ways to exploit vulnerabilities inherent in such programming to deliver increasingly destructive attacks.

Understanding the construction of the Internet can be a challenge for most people, as it’s easy to lose sight of the fact that the digital world is built on a brick and mortar foundation, a massive collection of servers around the world. Those servers all play different roles in the formation of the web, some acting as hosts for websites while others play more integral roles of providing the backbone structure upon which everything else operates.

NTP servers, which number in the thousands around the world, are part of this backbone, designed to keep computers synchronised to the same time. The basic concepts of NTP were born way back in 1985, and while changes to the system have been made since then, the basic premise still functions in exactly the same way. When a computer needs to sync its clock, it sends a small packet of data to an NTP server to make a request, and the server responds by sending data back to the computer.

As BBC tech reporter Dave Lee explains, “The vulnerability lies with two weaknesses. Firstly, the amount of data the NTP sends back is bigger than the amount it receives, meaning an attack is instantly amplified… Secondly, the original computer’s location can be ‘spoofed’, tricking the NTP into sending the information back to somewhere else.”
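Taken together, the two weaknesses leave a recognisable trace on the receiving network: NTP replies arriving from many servers at a host that never sent a request. The following Python sketch is an added example, not code from this article or from Cloudflare; the flow-record layout, the thresholds, the function name `find_unsolicited_ntp` and the sample addresses are all assumptions made for illustration.

```python
from collections import defaultdict

NTP_PORT = 123

# Constructed flow records, not real traffic:
# (time_s, src_ip, src_port, dst_ip, dst_port, bytes). Addresses are RFC 5737 documentation ranges.
SAMPLE_FLOWS = [
    (0.0, "192.0.2.10", 40000, "198.51.100.1", 123, 76),    # client asks for the time
    (0.1, "198.51.100.1", 123, "192.0.2.10", 40000, 76),    # matching reply
    (1.0, "198.51.100.1", 123, "192.0.2.20", 50000, 468),   # replies nobody asked for
    (1.0, "198.51.100.2", 123, "192.0.2.20", 50000, 468),
    (1.1, "198.51.100.3", 123, "192.0.2.20", 50000, 468),
    (1.2, "198.51.100.1", 123, "192.0.2.20", 50000, 468),
]


def find_unsolicited_ntp(flows, window=5.0, min_servers=3):
    """Return {host: {"servers": n, "bytes": b}} for hosts that receive NTP
    replies from at least min_servers servers without a request in the
    preceding `window` seconds. Thresholds are illustrative assumptions."""
    last_request = {}  # (client, server) -> time of the client's latest request
    stats = defaultdict(lambda: {"servers": set(), "bytes": 0})
    for ts, src, sport, dst, dport, size in sorted(flows):
        asked = last_request.get((dst, src))
        if sport == NTP_PORT and asked is not None and ts - asked <= window:
            continue  # reply to a request this host really sent
        if dport == NTP_PORT:
            # A request. Some clients also use source port 123, so this is
            # checked before treating the packet as a reply.
            last_request[(src, dst)] = ts
        elif sport == NTP_PORT:
            # A reply with no matching request: the requester's address was
            # most likely forged to be this host's.
            stats[dst]["servers"].add(src)
            stats[dst]["bytes"] += size
    return {host: {"servers": len(s["servers"]), "bytes": s["bytes"]}
            for host, s in stats.items() if len(s["servers"]) >= min_servers}


if __name__ == "__main__":
    for host, info in find_unsolicited_ntp(SAMPLE_FLOWS).items():
        print(f"{host}: {info['bytes']} unsolicited bytes from {info['servers']} NTP servers")
```

A reply whose source and destination ports are both 123 is indistinguishable from a request at this level of detail, so the sketch treats it as a request and will not flag it.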

What’s truly interesting in this particular story is that such an attack using the Internet’s NTP backbone protocol was predicted several months ago, with Cloudflare’s own report offering helpful solutions for how web hosts could protect their user base. While it’s unknown how the report was received at the time, given this debilitating cyber-attack you better believe companies will be listening to such advice in an effort to shore up defences on their own servers, as such an attack serves as an “ugly sign of the future” for the changing landscape of cyber-crime.
