Posted by Daniel Waldron on June 2nd, 2015
The rising number of Network Time Protocol DDoS attacks are hitting public sector companies hardest according to Verisign. Why is this happening and what can be done to reduce these attacks? Galleon Systems provides an insight…
DDoS attacks have been much publicised recently, and public sector services are some of the hardest hit.
The most common attack type continues to be the User Datagram Protocol (UDP) amplification attacks leveraging Network Time Protocol (NTP), while Simple Service Discovery Protocol (SSDP) is also being abused.
15 percent of public sector companies suffered DDoS attacks in the final quarter of 2014, representing the highest number of attacks experienced across any industry sector in the later part of the year.
Network time protocol DDoS attacks politically motivated
Verisign attributes the sharp rise in DDoS attacks targeting public sector institutions to attackers’ ‘increased use of DDoS attacks as tactics for politically motivated activism, or hacktivism.’ Specifically, these hackers are purposely targeting international governing organisations.
A report published by iDefense – titled ‘2015 Cyber Threats and Trends’ – reveals that an increase in online and physical protest movements were a major factor in the rising number of DDoS related attacks hitting organisations worldwide, including institutions across the public sector.
Verisign was also able to record DDoS attack activity in volume. Data shows that attacks were hitting 60 gigabits per second (Gbps), which is the equivalent of 16 Million packets per second (Mpps) for UDP floods and 55 Gbps/60 Mpps for Transfer Control Protocol (TCP) type attacks.
Cloud/IT/SaaS/Services were subjected to the most number of attacks in the final quarter of 2014, with 33% of companies suffering malicious activity. Attacks aimed at financial services doubled, with 15% of institutions targeted.
December was the month of DDoS attacks against public sector institutions, recording more than any other month in 2014. In particular, the Christmas season was rife with DDoS attacks.
Verisign’s report also shows that 42% of attacks peaked at more than 1 Gbps, with 17 percent leveraging more than 10 Gbps of DDoS traffic.
At the root of the problem with DDoS attacks is the rising number of DDoS-for-hire services available. Known as ‘booters’ they represent a massive risk for security professionals because it enables almost anyone to hire skilled cyber criminals to instigate a DDoS attack for just $2 USD per hour.
How can a Galleon time server device supress DDoS attacks?
The primary benefit of using Galleon Systems’ Network Time Servers is that the majority of technologies do not require connection to the internet in order to operate, immediately reducing the threat posed by a DDoS attack.
However, even if Galleon NTP servers are internet connected, units will operate from behind your firewall, leaving no open UDP 123 ports. If your firewall is breached, there is a solution that exists in the form of a ‘fix’ to combat the effects of a Network Time Protocol DDoS attack.
To further highlight the benefit of purchasing a Galleon Systems NTP time server, rather than relying on a public time server, independent cyber security consultant, Professor Alan Woodward, says this: “A lot of these free internet network time protocols are essential, however, they are not secure.”
With a Galleon Systems NTP time server, security remains the number one priority.
Therefore, one-off purchase of a Galleon NTP unit will offer protection against potential Network Time Protocol DDoS attacks, which in the long-term will save you time and the expense of dealing with the aftermath of a system breach.
Galleon Systems has a range of GPS NTP time servers, Radio NTP time servers and dual NTP time server units (a combination of GPS and radio technology), the majority of which function independently of internet connectivity.
Each NTP server unit is capable of synchronising time for individual computers or entire networks, whilst protecting against the threat of Network Time Protocol DDoS attacks.
Customers can choose from an extensive range of Network Time Servers to eliminate the threat of Network Time Protocol DDoS attacks. The following models are available:
- The NTS-6001 (available as a GPS, MSF or dual GPS/MSF unit)
- The NTS-4000 (available as a GPS or MSF unit)
- The NTS-8000 (available as a GPS, MSF or dual GPS/MSF unit)
Hundreds of public sector institutions, worldwide, use Galleon devices as a secure accurate time source, including:
- The Bank of England
- On Energy
- Norwich & Peterborough Building Society
- NHS Scotland
- Mount Sinai Hospital, New York
Incentives to invest | Defend against network time protocol DDoS attacks
Rather than viewing the purchase of a Galleon NTP time server as a purchase to protect against Network Time Protocol DDoS attacks, view it from the perspective of protecting your entire business operation.
Hackers are capable of intercepting sensitive data and could force your service offline, jeopardising the ability of your business to operate. The cost of such an incident occurring is not only financial, but time consuming, with time being a commodity you can ill afford to lose.
Investment in a Galleon NTP time server eliminates the need to rely on public time servers which, as exposed by the impact of Network Time Protocol DDoS attacks, are fundamentally flawed. The long-term benefits of buying a Galleon NTP time server far outweigh the benefits of relying on a public time server.
Other perks of purchasing a Galleon NTP time server include a six (6) year warranty and free product lifetime technical support, guarantees that a public time server cannot provide. Allay your fears of a DDoS attack with purchase of a dedicated NTP time server from Galleon Systems.