At the same
time there is a significant reduction in the amount of attacks using
NTP-amplifications.
DDoS-attacks
using the NTP-amplification gradually receding into the past, while a new way
to implement them becoming popular among hackers. According to Arbor Networks report
for the third quarter of 2014, hackers are increasingly began to use SSDP
protocol in the implementation of DDoS-attacks.
The company
had used anonymous 300 data networks of its clients to obtain accurate information
about the trends of DDoS-attacks in the third quarter this year. As it turned out, 42% of all
attacks with a capacity of more than 10 gigabits / second are carried out using
the SSDP. This is 4% of all DDoS-attacks.
To
implement SSDP-attacks hackers are using UDP-port 1900. The total number had
increased from 3 attacks in the second quarter to 29,506 in the third quarter this year. Note that the number of
DDoS-attacks using the NTP-amplification continues to decline - in the third
quarter was committed only 5% of the attacks in this manner. However, more than
half of attacks with 100 Gb / s and above is carried out using the NTP.
As the
director of Arbor Networks on architectural solutions Darren Anstee said to
Infosecurity, the number of NTP-attack managed to reduce by attracting public
attention to the need to install the latest updates on vulnerable servers. In
the case of SSDP everything will be much more difficult because the vulnerable
devices are used in houses, and most
users even do not know how to install the update on them.
Source: security.lab
No comments:
Post a Comment