Yet another service-denying attack has disrupted the web and is using magnified methods to escalate the threat.
This time, Lightweight Directory Access Protocol (LDAP), a directory service for corporate companies, has been attacked, victimizing the customers of companies including Corero Network Security. The attack occurred through Connectionless LDAP, which utilizes User Datagram Protocol (UDP) to redirect websites to fake IP addresses.
Like any DDoS attack, websites shut down due to a multitude of bots sending traffic to the servers until they crash. Then, with UPD, these attacks become even more vicious, as they increase to amplification factors ranging from 46x to 55x, knocking out websites in masses. And unfortunately for the victims, the bots are challenging to track, as the attacks are hidden within third-party servers.
With the current rise of DDoS attacks, we’re seeing more sophisticated strategies develop every day to further harm and confuse victims. Within that strategy – the more bots an attacker possesses, the more they can distribute attacks to many other servers.
Services like LDAP and UPD are very vulnerable and highly unrecommended. Along with these services, others including DNS (which was compromised in last month’s DDoS attack), NTP, SNMP, SSDP and CHARGEN have been attacked as well.
In efforts to slow down the attacks, blacklists have been put in place for networks like DNS and NTP. However, with few attackers currently using LDAP and UPD, these systems were not on the radar until now.
Speculations on the future of DDoS attacks suggest that if IoT devices don’t tighten up their security, threats could escalate to 10Tbps.
Taking charge of your server’s infrastructure is essential. Fortunately, with OSG’s experienced IT professionals, the securing process is simple. First, we’ll help you re-evaluate your IT strategy, which will include getting you the best firewall protection for your business’ needs. Then, we’ll show you the best practices to ensure your IT is secured from every angle.