DDoS attacks are intended to make a server, such as one hosting a web page, stop responding correctly. This means that it will stop working and, in the case of a website, we will not be able to access it. Hackers can create botnets to send thousands and thousands of requests and cause these types of problems. Now, a new attack is capable of taking advantage of even devices with few resources.
New method to amplify DDoS attacks
It is logical to think that not all computers have the same capacity, whether in Internet speed or in the characteristics needed to make requests of this type and saturate a server. Therefore, the more powerful a computer is, the better for hackers who want to use it.
However, a new method is capable of amplifying DDoS attacks to enormous levels. Specifically, attackers are able to achieve a 6533% amplification. This allows them to carry out attacks of this type with equipment that is very limited in bandwidth and specifications and still achieve their objective.
The security researchers behind this discovery have named this method TCP Middlebox Reflection. A middlebox is a device that inspects packets or filters content by monitoring and transforming the packet flows exchanged between two devices on the Internet.
The technique abuses vulnerable firewalls, using specially crafted TCP packet sequences that cause the devices to issue a voluminous response. The researchers saw a 33-byte packet trigger a 2,156-byte response, so the traffic was multiplied by 65.
They state that there are hundreds of thousands of devices of this type that can be exploited all over the world. Attackers can pull off high-impact DDoS attacks without the need for powerful equipment or high bandwidth.
The researchers have already detected attacks of this type in real life. However, so far they have had little impact. The most significant, as indicated, reached 11 Gbps. However, the researchers believe that it is only a matter of time before attackers improve their techniques and achieve much more significant attacks.
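The 33-byte to 2,156-byte measurement described above can be turned into a check that an operator runs over flow records from their own middlebox, to notice when it is answering small requests with large replies. This is an added example, not code from the researchers or from the original article; the record fields (including `handshake_done`), the thresholds and the sample records are assumptions.

```python
from collections import defaultdict
from typing import NamedTuple

class Flow(NamedTuple):
    src: str              # source address claimed in the packets (may be spoofed)
    bytes_in: int         # bytes the middlebox received from src
    bytes_out: int        # bytes the middlebox sent back toward src
    handshake_done: bool  # assumed field: full TCP three-way handshake seen

def amplification(bytes_in: int, bytes_out: int) -> float:
    """Response-to-request byte ratio (33 in, 2156 out gives about 65.33)."""
    return bytes_out / bytes_in if bytes_in else 0.0

def flag_reflection(flows, min_ratio=10.0, min_flows=3):
    """Map each suspicious claimed source to (flows, bytes_in, bytes_out, ratio)."""
    totals = defaultdict(lambda: [0, 0, 0])
    for f in flows:
        if f.handshake_done:
            continue  # a completed handshake means src was not blindly spoofed
        t = totals[f.src]
        t[0] += 1
        t[1] += f.bytes_in
        t[2] += f.bytes_out
    flagged = {}
    for src, (count, b_in, b_out) in totals.items():
        ratio = amplification(b_in, b_out)
        if count >= min_flows and ratio >= min_ratio:
            flagged[src] = (count, b_in, b_out, round(ratio, 2))
    return flagged

# Constructed sample records; addresses are from the documentation ranges.
SAMPLE = (
    [Flow("203.0.113.7", 33, 2156, False)] * 4      # repeated large replies
    + [Flow("198.51.100.20", 520, 48000, True)]     # ordinary download
    + [Flow("192.0.2.50", 60, 60, False)] * 3       # small symmetric exchanges
    + [Flow("192.0.2.99", 33, 2156, False)]         # single flow, below min_flows
)

if __name__ == "__main__":
    for src, (count, b_in, b_out, ratio) in flag_reflection(SAMPLE).items():
        print(f"{src}: {count} flows, {b_in} B in, {b_out} B out, x{ratio}")
```

A flagged address is the one receiving the large replies, so it is the likely target of the reflected traffic rather than its origin.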
Being protected is essential against these attacks
We always say that it is very important to be properly protected: have a good antivirus, keep everything up to date and avoid making mistakes that could affect our security and privacy. When it comes to avoiding DDoS attacks the same applies, although it will not always depend on us.
One example is attacks against a web page. Here the main thing is to detect unusual traffic as soon as possible and take action. But it is also essential to choose a good provider or use cloud-based DDoS prevention, as well as to protect the security of that website at all times.
Something similar happens when we talk about DDoS attacks directed against routers. They must be protected at all times, and no mistake must be made that could affect security. It is also essential to use a good firewall with well-defined rules to reduce the impact of this type of threat.