
DoS loop: new threat on UDP protocol puts digital security at risk

300,000 systems exposed: how to deal with the innovative attack that exploits UDP vulnerabilities

CISPA has discovered a cyber attack, called Loop DoS, that targets systems using UDP, causing endless traffic between servers through spoofed IP addresses. Around 300,000 devices are at risk. Security patches and preventive measures are recommended to avoid this.

The CISPA Helmholtz Center for Information Security, a German institution, recently uncovered a novel cyber threat targeting systems that use the User Datagram Protocol (UDP) for communication. Known as Loop DoS, this technique can cause an endless dialogue between servers through the use of spoofed IP addresses, compromising the availability of the affected services. Because UDP is connectionless and does not verify the source address of a datagram, it is well suited to this kind of spoofing attack. Analysts estimate that up to 300,000 systems are exposed to risk due to this vulnerability.

Characteristics of the Loop DoS attack and its targets

The Loop DoS attack works by triggering uninterrupted communication between servers running vulnerable implementations of UDP-based protocols, using spoofed IP addresses. The result is an incessant exchange of error messages that drains the resources of the systems involved. Some of the common protocols subject to this attack include DNS, NTP and TFTP, as well as older ones like QOTD, Chargen and Echo. Research shows that even modern protocols are susceptible, thus broadening the scope of the attack.

The current context and possible solutions

Although approximately 300,000 potentially vulnerable hosts have been identified, there are currently no reported cases of actual attacks. A preliminary report has identified various hardware devices potentially at risk, including products from recognized brands such as Arris, Cisco and D-Link. Following the discoveries, specific vulnerabilities, such as CVE-2024-1309 for Honeywell devices, were communicated to manufacturers for investigation and fixes.

Prevention and mitigation strategies

To counter Loop DoS effectively, CERT/CC experts recommend promptly applying the security patches provided by manufacturers, which address the issues identified. Alternatively, they suggest replacing devices that no longer receive updates. Configuring advanced firewalls, adopting TCP and using request validation techniques are other valid preventive measures. Finally, implementing anti-spoofing and Quality of Service (QoS) policies further strengthens protection against potential Loop DoS attacks.
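
The endless exchange of error messages described above, and the effect of request validation on it, can be reproduced in memory without any network traffic. This is an added example, not code from CISPA or CERT/CC; the `REQ:`/`RSP:`/`ERR:` message format, the handler names and the datagram cap are assumptions made for the illustration.

```python
"""In-memory model of a Loop DoS exchange. No sockets are used; the
REQ:/RSP:/ERR: toy protocol is constructed for this illustration."""


def vulnerable_handler(datagram: bytes):
    """Answers every datagram: anything that is not a request gets an error."""
    if datagram.startswith(b"REQ:"):
        return b"RSP:" + datagram[4:]
    return b"ERR:unexpected message"   # also sent in reply to another ERR


def validating_handler(datagram: bytes):
    """Request validation: only well-formed requests are ever answered."""
    if datagram.startswith(b"REQ:"):
        return b"RSP:" + datagram[4:]
    return None                        # drop silently, never error-on-error


def exchange(handler_a, handler_b, first_datagram: bytes, max_datagrams: int = 1000):
    """Deliver first_datagram to server A as if server B had sent it (the
    spoofed source), then relay each reply to the other server.
    Returns how many datagrams the two servers sent each other."""
    handlers = (handler_a, handler_b)
    turn, datagram, sent = 0, first_datagram, 0
    while sent < max_datagrams:        # cap stands in for "endless"
        reply = handlers[turn](datagram)
        if reply is None:              # receiver stayed silent: loop is broken
            break
        sent += 1
        datagram, turn = reply, 1 - turn
    return sent


if __name__ == "__main__":
    trigger = b"ERR:constructed sample"
    print("both vulnerable:", exchange(vulnerable_handler, vulnerable_handler, trigger))
    print("B validates    :", exchange(vulnerable_handler, validating_handler, trigger))
    print("A validates    :", exchange(validating_handler, vulnerable_handler, trigger))
```

A loop needs two servers that both answer unexpected input, so hardening either side ends the exchange after at most one datagram.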


03/23/2024 09:51

Marco Verro
