
DoS loop: new threat on UDP protocol puts digital security at risk

300,000 systems exposed: how to deal with the innovative attack that exploits UDP vulnerabilities

CISPA has discovered a cyber attack, called Loop DoS, that targets systems using UDP and uses spoofed IP addresses to cause endless traffic between servers. Around 300,000 devices are at risk. Security patches and preventive measures are recommended to avoid this.


The CISPA Helmholtz Center for Information Security, a German institution, recently uncovered a novel cyber threat targeting systems that employ the User Datagram Protocol (UDP) for communication. Known as Loop DoS, this malicious technique can cause an endless dialogue between servers through the use of manipulated IP addresses, compromising the availability of the affected services. Because UDP transmits data without establishing a connection, it is an ideal candidate for this type of spoofing attack. Analysts estimate that up to 300,000 systems are exposed to risk due to this vulnerability.

Characteristics of the Loop DoS attack and its targets

The Loop DoS attack works by using spoofed IP addresses to start uninterrupted communication between servers that run vulnerable implementations of UDP-based protocols. The servers then exchange error messages incessantly, draining the resources of the systems involved. Common protocols subject to this attack include DNS, NTP, TFTP, as well as older ones like QOTD, Chargen, and Echo. Research shows that even modern protocols are susceptible, thus broadening the scope of the attack.

The current context and possible solutions

Although approximately 300,000 potentially vulnerable hosts have been identified, there are currently no reported cases of actual attacks. A preliminary report has listed various hardware devices potentially at risk, including products from recognized brands such as Arris, Cisco and D-Link. Following the discoveries, specific vulnerabilities, such as CVE-2024-1309 for Honeywell devices, were communicated to manufacturers for investigation and fixes.

Prevention and mitigation strategies

To counter Loop DoS, CERT/CC experts recommend promptly applying the security patches provided by manufacturers, which fix the issues identified. Alternatively, they suggest replacing devices that no longer receive updates. Configuring advanced firewalls, adopting TCP and using request validation techniques are other valid preventive measures. Finally, implementing anti-spoofing and Quality of Service (QoS) policies further strengthens protection against potential Loop DoS attacks.
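The request validation mentioned above can be illustrated with a small in-memory model of the error-message loop. This is an added example, not code from CISPA, CERT/CC or any vendor; the toy protocol (REQ/RESP/ERR), the Server class and the documentation-range addresses are assumptions made for illustration.

```python
# Toy in-memory model (constructed; no real network traffic or real protocol).
from collections import deque

SERVICE_PORTS = {7, 17, 19, 53, 69, 123}   # Echo, QOTD, Chargen, DNS, TFTP, NTP
MAX_STEPS = 1000                            # cap so the looping case terminates


class Server:
    """Hypothetical UDP service that answers malformed input with an error."""

    def __init__(self, addr, port, validate):
        self.addr, self.port, self.validate = addr, port, validate

    def handle(self, src, sport, payload):
        """Return (dst, dport, payload) to send back, or None to stay silent."""
        if self.validate:
            # Request validation: a genuine client does not send from a
            # service port, and an error must never be answered by an error.
            if sport in SERVICE_PORTS or payload.startswith(b"ERR"):
                return None
        if payload.startswith(b"REQ"):
            return (src, sport, b"RESP ok")
        return (src, sport, b"ERR unexpected message")


def run(validate):
    """Deliver one datagram whose source address is server B, count packets."""
    a = Server("192.0.2.10", 123, validate)
    b = Server("192.0.2.20", 123, validate)
    hosts = {(s.addr, s.port): s for s in (a, b)}
    # Constructed trigger: arrives at A, claims to come from B's service port.
    queue = deque([(b.addr, b.port, a.addr, a.port, b"ERR unexpected message")])
    sent = 0
    while queue and sent < MAX_STEPS:
        src, sport, dst, dport, payload = queue.popleft()
        sent += 1
        server = hosts.get((dst, dport))
        reply = server.handle(src, sport, payload) if server else None
        if reply:
            queue.append((dst, dport, *reply))
    return sent


if __name__ == "__main__":
    print("without validation:", run(False), "packets (hit the cap)")
    print("with validation:   ", run(True), "packet")
```

Without validation the two servers keep answering each other until the step cap stops the model; with validation the first datagram is dropped and nothing further is sent, while requests from ordinary client ports are still answered.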


03/23/2024 09:51

Editorial AI
