Every January starts a year fresh, so the word “new” is on everybody’s mind.
However, this year has started with something new IT staff don’t want to hear: a new way to bring down Web sites.
Earlier this week severs of a number of online game services were taken down by what has been called a never before seen attack.
According to a report in Ars Technica, the technique attacked time-synchronization servers running the network time protocol – hence its called an NTP attack. It’s similar to a denial of service attack through domain name servers.
NTP servers synchronize computer systems to mitigate variable network latency. (For more see this entry in Wikipedia.)
NTP reflection made up 69 per cent of all DoS attack traffic by volume, according to the head of DoS mitigation firm Black Lotus. The average size of each NTP attack was about 7.3 gigabits per second.
This is not good news for the start of a year where security promises to be one of the key topics thanks to the revelations of Edward Snowden.