DDoS Attacks That Employ TCP Amplification Cause Network Congestion, Secondary Outages

Over the past month, threat actors have been using a relatively unconventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: TCP amplification.

Security company Radware shared its observations on multiple campaigns involving Transmission Control Protocol (TCP) reflection attacks, specifically SYN-ACK reflection attacks, against companies across the world. The scope of the impact was said to be wider because the attacks affected not only the intended targets but also the networks used to generate the DDoS flood.

The affected networks were flooded with SYN traffic and used as reflection services, which led to network congestion and, in some cases, secondary outages. The targets may also be at risk of being blacklisted by network administrators because of the spoofed SYN requests.
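As an added illustration (not code from Radware or from this article), the sketch below shows how each side of a SYN-ACK reflection can be recognized in packet records: the target sees SYN-ACKs that answer no SYN it sent, and the reflector sees SYNs whose handshakes never complete. The record layout, function names and documentation-range IP addresses are all constructed for the example.

```python
from collections import Counter

# Constructed records: (src, sport, dst, dport, flags). All IPs are documentation ranges.
VICTIM, REFLECTOR = "203.0.113.10", "198.51.100.5"
VICTIM_CAPTURE = [
    (VICTIM, 40000, "192.0.2.80", 443, "S"),     # legitimate outbound SYN
    ("192.0.2.80", 443, VICTIM, 40000, "SA"),    # solicited SYN-ACK
    (REFLECTOR, 80, VICTIM, 51001, "SA"),        # reflected: no SYN was ever sent
    (REFLECTOR, 80, VICTIM, 51001, "SA"),
    ("198.51.100.6", 443, VICTIM, 51002, "SA"),
]
REFLECTOR_CAPTURE = [
    (VICTIM, 51001, REFLECTOR, 80, "S"),         # spoofed SYN, never completed
    (VICTIM, 51003, REFLECTOR, 80, "S"),
    ("192.0.2.44", 33000, REFLECTOR, 80, "S"),   # real client
    (REFLECTOR, 80, "192.0.2.44", 33000, "SA"),
    ("192.0.2.44", 33000, REFLECTOR, 80, "A"),   # handshake completed
]

def unsolicited_synacks(packets, local_ip):
    """Target side: count inbound SYN-ACKs per sender with no matching outbound SYN."""
    sent_syn, hits = set(), Counter()
    for src, sport, dst, dport, flags in packets:
        if src == local_ip and flags == "S":
            sent_syn.add((dst, dport, sport))
        elif dst == local_ip and flags == "SA" and (src, sport, dport) not in sent_syn:
            hits[src] += 1
    return hits

def half_open_sources(packets, local_ip):
    """Reflector side: count SYNs per claimed source whose handshake never completed."""
    pending = {}
    for src, sport, dst, dport, flags in packets:
        if dst != local_ip:
            continue
        if flags == "S":
            pending[(src, sport, dport)] = src
        elif flags == "A":
            pending.pop((src, sport, dport), None)
    return Counter(pending.values())

if __name__ == "__main__":
    print("target view:", dict(unsolicited_synacks(VICTIM_CAPTURE, VICTIM)))
    print("reflector view:", dict(half_open_sources(REFLECTOR_CAPTURE, REFLECTOR)))
```

On the reflector side, the address that accumulates half-open connections is the spoofed one, so it identifies the target of the attack rather than its origin; blocking it is what puts the target at risk of being blacklisted.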

