Memcached abuse opens door to massive DDoS attacks

A new reflection attack was unveiled today which can increase the size of a DDoS attack by 51,000-fold.  It uses memcached, an object caching system designed to speed up web applications, to amplify attacks against a target.  This represents a substantial increase from previous attacks, which have used network time servers to amplify attacks 58-fold and DNS servers to amplify attacks 50-fold.

Attacks seen this week have surpassed 500 Gbps, which is pretty amazing considering only a small percentage of publicly-available memcached servers are being used to launch those attacks.  It’ll be interesting to see if any larger attacks are launched in the coming weeks… and what their targets will be.

The article over at Ars Technica is pretty good, and is worth a read.

Ryan Brooks

Published byRyan Brooks

I’m a Process Engineer for Charter Communications’ IT Security Process Engineering team. I write about things that interest me– energy, history, technology, information security, and the future. Opinions are mine, not my employer's. You can contact me by emailing ryan@experimentalthoughts.com

No Comments

%d bloggers like this: