Published November 11, 2013
Reflection attacks have two victims: the unwilling third-party server that is compelled to launch distributed denial of service (DDoS) attack traffic and the attackers’ intended DDoS target. For both victims the effect is similar – slow performance or an outage that prevents legitimate users from accessing the targeted site.
Learn how the powerful tools, methods and services in the underground DDoS marketplace can launch devastating reflection attacks targeting your organization
In 2013, Distributed Reflective Amplification Denial of Service (DrDoS) attacks against enterprises in multiple industries increased significantly. These attacks inundate the target with floods of Layer 3 requests that make use of network protocols such as DNS, SNMP and CHARGEN, a protocol that many consider to be obsolete.
The use of DDoS attacks that take advantage of reflection techniques can be attributed to the increase in the number of misconfigured servers. In addition, the DDoS-as-a-Service marketplace makes acquiring lists of misconfigured services simple for would-be attackers.
The commodification of lists of vulnerable servers is not a new phenomenon within the underground. However, the surge in availability and demand for lists of servers specifically vulnerable to reflection attacks was first observed in 2013.
Akamai® is the leading provider of cloud services for helping enterprises provide secure, high-performing user experiences on any device, anywhere. At the core of the Company's solutions is the Akamai Intelligent Platform providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai helps enterprises around the world optimize the web experience with SaaS cloud computing solutions including web application acceleration, mobile and web performance optimization, web media delivery and content delivery network (CDN) services, Akamai's cloud security solutions protect online assets against threats such as SQL Injection and DDoS attacks for maximum information security. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud.