“During the month of February, we saw the use of NTP amplification attacks surge 371 percent against our client base,” said Stuart Scholly, SVP/GM Security, Akamai Technologies. “In fact, the largest attacks we’ve seen on our network this year have all been NTP amplification attacks.”
While NTP amplification attacks have been a threat for many years, a number of new DDoS attack toolkits have made it easier for malicious actors to launch attacks with just a handful of servers. With the current batch of NTP amplification attack toolkits, malicious actors could launch 100 Gbps attacks – or larger – by leveraging just a few vulnerable NTP servers.
In just one month (February 2014 vs. January 2014):
- The number of NTP amplification attacks increased 371.43 percent
- Average peak DDoS attack bandwidth increased 217.97 percent
- The average peak DDoS attack volume increased 807.48 percent.
In the Prolexic Security Engineering & Response Team lab environment, simulated NTP amplification attacks produced amplified responses of 300x or more for attack bandwidth and 50x for attack volume, making this an extremely dangerous attack method.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.