"DDoS Attackers Have Found This New Trick to Knock Over Websites"

Distributed Denial-of-Service (DDoS) attackers have been observed using a new technique to knock websites offline, which involves targeting middleboxes such as firewalls to amplify junk traffic attacks. Amplification attacks have helped malicious actors knock over servers with short traffic bursts. According to the content distribution network firm, Akamai, there has recently been a surge of attacks using Transmission Control Protocol (TCP) Middlebox Reflection. Akamai revealed that the attacks reached 11 Gbps at 1.5 million packets per second (Mpps). Researchers at the University of Maryland and the University of Colorado Boulder released a paper last August, revealing that attackers could use middleboxes through TCP to amplify DDoS attacks. Most DDoS attacks use the User Datagram Protocol (UDP) to amplify packet delivery by sending packets to a server that replies with a larger packet size, which are then forwarded to the attacker's target. The TCP attack leverages network middleboxes that do not follow the TCP standard. The researchers discovered hundreds of thousands of IP addresses that could amplify attacks by more than 100 times through the use of firewalls and content filtering devices. This article continues to discuss the new technique being used by DDoS attackers to amplify attacks. 

ZDNet reports "DDoS Attackers Have Found This New Trick to Knock Over Websites"