DDoS attacks have been hitting the headlines over the past few years, with a number of high-profile cases causing catastrophic effects for many businesses. However, a new kind of attack is on our radar.
Meet the memcached attack.
We’re all well-acquainted with the DDoS attacks of recent years that have knocked out even the highest-flying channels. The Mirai botnet attack on Dyn in October 2016 brought down popular websites such as Netflix, the Guardian, Reddit, CNN and Twitter. “100,000 malicious endpoints” were detected as Dyn was bombarded with traffic, causing havoc for big business and internet users alike.
The effects of DDoS attacks can be long-lasting and expensive to fix, and onslaughts are only getting stronger.
The latest to rear its head however, is something called a ‘memcached attack’ – which is said to be 2018’s next ‘big thing’ in cybersecurity.
You might cry, “not another one!”, but the threat is very real.
On Wednesday this week, 1.35 terabits per second of traffic hit the open software platform GitHub all at once. It was (at the time) the most powerful distributed denial of service attack recorded to date—and it used an increasingly popular DDoS method.
The way in which the attack was conducted was called an ‘amplification attack’, which takes advantage of exposed servers with improper or no firewall configurations.
But what is it?
If you don’t know what a memcached attack is, it’s basically a DDoS attack method utilising memcached servers exposed to the public internet, which results in a number of extremely large DDoS attacks. It involves spoofing a target’s IP address to the default UDP port on available memcached amplifiers, which return much larger responses to the target.
The attacks appear to be getting larger by the day.
Arbor Networks is now reporting that a US service provider suffered a 1.7Tbps attack earlier this month, breaking the previous record set last week! In this case, there were no outages as the provider had taken adequate safeguards, but it’s clear that the memcached attack is a feature network managers are going to have to take extremely seriously in the future.
Not only this but two versions of code to run memcached-based DDoS attacks have been published online, alongside the IP addresses of 17,000 exposed memcached servers. This means that people with very little technical knowledge can run these assaults from their own homes.
With attacks on the rise, get in the know about your security and protect your business at every level. Don’t leave your cyber-defences to chance.
DDoSX® investigates all attacks and generates a unique fingerprint for each attack, identifying and redirecting this traffic away from your webserver, keeping your business online and functional.