The biggest DDoS attack in history, one that exploited a Network Time Protocol vulnerability, was recorded this week, according to the BBC. The attack measured 400+ gigabits per second, 100 Gbps larger than the one on Spamhaus.
The Network Time Protocol (NTP) is a network protocol for synchronizing clocks between computer systems, and it has been in operation since 1985. Although changes have been made since then, the way it operates is still pretty much the same.
“Very big NTP reflection attack hitting us right now,” Matthew Prince, co-founder and CEO of CloudFlare, tweeted. “If you want us to stop a 400Gbps+ DDoS attack for you, don’t pay with a stolen credit card.”
NTP’s vulnerability is based on the fact that an NTP server sends back more data than it receives in a request, which instantly amplifies the attack. An NTP server can also be tricked into sending its response somewhere else by “spoofing” the location of the computer that requested the data.
This is what the hackers allegedly did in this attack, ultimately diverting the data to a precise target. The attack was directed at servers in Europe but the target was not clear.
This attack is just the beginning according to Prince’s tweet: “Start of ugly things to come.”
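The amplification and spoofing described above leave a recognizable pattern on the NTP server that is being abused: it sends far more bytes to one address than that address ever appeared to request. The following is an added example, not part of the original article; the flow-record format, the sample records and both thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: per-peer UDP/123 flow totals as seen at ONE NTP server.
# ("in", peer, n)  = n request bytes received that claim to come from peer
# ("out", peer, n) = n response bytes the server sent to peer
SAMPLE_FLOWS = [
    ("in", "192.0.2.10", 240), ("out", "192.0.2.10", 240),        # normal client
    ("in", "203.0.113.5", 480), ("out", "203.0.113.5", 480),      # normal client
    ("in", "192.0.2.44", 48), ("out", "192.0.2.44", 960),         # high ratio, tiny volume
    ("in", "198.51.100.7", 1000), ("out", "198.51.100.7", 200000) # reflected traffic
]


def amplification_by_peer(flows):
    """Return {peer: (bytes_in, bytes_out, factor)} for the given flow records."""
    totals = defaultdict(lambda: [0, 0])
    for direction, peer, size in flows:
        if direction not in ("in", "out"):
            raise ValueError(f"unknown direction: {direction!r}")
        totals[peer][0 if direction == "in" else 1] += size
    result = {}
    for peer, (b_in, b_out) in totals.items():
        # Responses with no request seen at all count as infinite amplification.
        factor = b_out / b_in if b_in else float("inf")
        result[peer] = (b_in, b_out, factor)
    return result


def likely_reflection_targets(flows, min_factor=10.0, min_bytes_out=10_000):
    """Peers receiving far more than they appeared to request.

    Both thresholds are illustrative assumptions: min_factor is the
    response/request byte ratio, min_bytes_out filters out low-volume noise.
    """
    hits = []
    for peer, (b_in, b_out, factor) in amplification_by_peer(flows).items():
        if b_out >= min_bytes_out and factor >= min_factor:
            hits.append((peer, b_in, b_out, round(factor, 1)))
    # Largest outbound volume first.
    return sorted(hits, key=lambda h: h[2], reverse=True)


if __name__ == "__main__":
    for peer, b_in, b_out, factor in likely_reflection_targets(SAMPLE_FLOWS):
        print(f"{peer}: {b_in} B in, {b_out} B out, x{factor}")
```

A flagged peer is most likely the victim whose address was spoofed in the requests, not the party that sent them, so the finding calls for fixing the server rather than blocking that address.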