Posted by Daniel Waldron on January 26th, 2016
Network Time Protocol … You care about it because it keeps your clocks synchronised. But lately, new internet Network Time Protocol attacks continue to expose its weaknesses.
Does it worry you? If not, it should. Now’s the time to learn how to future proof your business against such threats.
The internet and Network Time Protocol (NTP) are old friends. NTP was there at the very dawn of what we now know as the web. It’s been around for more than 30 years carrying, a reputation as one the oldest internet protocol’s still in use.
There’s no denying the significance of Network Time Protocol, after all, it’s the foundation on which all clock synchronisation is built. That’s some responsibility. Banks, emergency services and IT data centres are just some of the facilities that rely on NTP.
The state of Network Time Protocol is significant to a few, despite the fact that it functions for so many, all of whom are probably oblivious to – or don’t even care about – the accuracy of time. That’s despite the fact that accurate time is probably responsible for making sure they’re paid on time.
Yet, like you, we care about the state of NTP and it concerns us that it’s constantly being exploited to wreak havoc across the internet.
The issue is, the web has evolved and this has led to the emergence of hackers who consider it a challenge to exploit NTP in order to cause debilitating outages, snoop on encrypted communications and in the latest attacks, tamper with Bitcoin transactions.
While the web has evolved, NTP hasn’t and battling against continued attacks has become somewhat of a patchwork project. The fact is, NTP attacks cannot be stopped – that’s been established as there seems to be a news headline every month at the moment covering the latest NTP attack in its latest form.
NTP attacks are much like a cold, they come and go, but they always come back in a different form. However, are the attacks really the problem?
News stories, blogs and press releases all do very well to tell us of the latest attack, the weaknesses of NTP and the seemingly impending dawn of doom for the internet.
Therefore, we can surmise that attacks aren’t the problem, but the lack of a clear solution is.
Have you noticed that very rarely is a solution put before us to actually tackle the problems affecting the internet’s time synchronisation mechanism? It’s about time that was put right…
Preventing internet Network Time Protocol attacks now and in the future
First, let’s establish why attacks are occurring. It’s not all down to the hackers, yes they’re the ‘bad guys or girls’, but when no measures are taken to protect connections between computers and NTP servers, i.e. through encryption, it’s basically an open invite for hackers.
It’s a bit like having a work colleague who’s heard about your Christmas get together with friends. You let them know about the party at your house, but you don’t particularly want them there. However, you don’t not invite them and they know where you live and turn up anyway.
That’s an analogy you can relate to that sort of describes how a hacker views the connection between your computer and your internet time server.
The attraction of internet time servers is that they’re free, but given the current frequency of NTP attacks, the cost of having an internet time server will hit you in other ways.
If you like the idea of your computer network suffering debilitating outages or having your encrypted communications spied upon, then carry on as you are.
If you don’t fancy facing these problems and the knock-on effects of having your business or institution brought to its knees, it’s time to stop doing things the old way.
Do it this way… Get your hands on an internal NTP server.
Before you ask, no they’re not free, but they can help to reduce the risk of suffering from the current wave of NTP attacks, which will ultimately save you from counting the cost of having your business or institution brought to a standstill because your computer network has been compromised.
You might be thinking that all this talk of NTP attacks is scaremongering so that NTP time server suppliers can flog some products.
That’s not the case, the problem is very real – just ask Cloudfare – a company that exists to protect against DDoS attacks, including NTP-based attacks. Just two years ago they ‘come a cropper’ to what was the largest NTP attack at the time.
A recent report titled ‘Attacking the Network Time Protocol’, describes attacks on NTP as ‘rife’ and ‘progressively more sophisticated.’ However, malicious attacks are preventable, so enough talk of the problems.
The solution – and the future of computer network protection that will stamp out NTP exploitation – is the internal NTP server.
Simply put, an internal NTP server can be setup behind your firewall, meaning you’re not exposed to the same exploits that are possible through an internet time server.
Alternatively, your NTP server can be connected to the internet if that’s what you’d prefer. Because the NTP packets are delivered to an internal time server cryptically, your computer network is still protected, even if it is hooked up to the web.
Do something about new internet NTP attacks today
If you rely on accurate time and you’re using a free internet time server, it’s time to ditch the old-school way and invest in the future.
Cyber security is becoming more and more crucial, so we recommend Galleon’s all-new NTS-6002 GPS NTP time server, which supports cryptographically signed NTP packets for your computer network protection.