Researchers have identified a new form of denial-of-service (DoS) attack, dubbed the “Loop DoS” attack, which poses a threat to a vast number of systems worldwide. This novel attack exploits application-layer protocols that utilize the User Datagram Protocol (UDP), potentially jeopardizing hundreds of thousands of hosts.
Mechanism of the Loop DoS Attack
The Loop DoS attack method involves interconnecting servers that utilize these protocols in a manner that causes them to engage in continuous communication, as stated by the CISPA Helmholtz-Center for Information Security. Due to UDP’s design as a connectionless protocol that does not verify the authenticity of source IP addresses, it is particularly vulnerable to IP spoofing attacks. In such scenarios, attackers can craft UDP packets with a forged source IP address, prompting the destination server to mistakenly send responses to the actual owner of the IP address rather than the attacker, leading to a reflected DoS scenario.
Vulnerability of UDP Protocol Implementations
A deeper investigation has revealed that certain implementations of the UDP protocol, including but not limited to DNS, NTP, TFTP, Active Users, Daytime, Echo, Chargen, QOTD, and Time, are susceptible to being manipulated into creating an endless loop of responses. This self-sustaining attack mechanism involves two network services responding endlessly to each other’s messages, thereby generating substantial traffic that culminates in a DoS condition for the affected systems or networks. Remarkably, once this loop is initiated, even the attackers cannot halt it.
Endless Response Loop: A Self-Perpetuating Attack Mechanism
The fundamental concept is that when one server, operating on a vulnerable version of a protocol, is deceived into communicating with another server by having its address spoofed, it triggers a cascade of error messages between the two servers. This continuous exchange depletes the resources of the involved servers, rendering them unresponsive.
According to Yepeng Pan and Christian Rossow, the researchers behind this discovery, the scenario unfolds when an error generated by one system provokes another error from a second system, leading to an endless exchange of error messages between them.
Estimating the Potential Impact and Preventative Measures
The CISPA research team estimates that approximately 300,000 hosts, along with their networks, could be exploited to conduct Loop DoS attacks. Although there have been no reported instances of this attack being used maliciously in real-world scenarios, the simplicity of its execution raises significant concerns. The vulnerability affects a range of products from leading companies including Broadcom, Cisco, Honeywell, Microsoft, MikroTik, and Zyxel. The researchers emphasize the importance of initiatives like BCP38, which aim to filter spoofed traffic, in mitigating the risks associated with such attacks.
How Can Netizen Help?
Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Questions or concerns? Feel free to reach out to us any time –
https://www.netizen.net/contact
