grandeduc - Fotolia
Risk & Repeat: Assessing the Memcrashed attacks
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Memcrashed exploit and the recent trend of record-setting DDoS attacks against enterprises.
A new wave of record-setting distributed denial-of-service attacks have struck enterprises, changing the DDoS threat landscape yet again.
A DDoS amplification attack known as Memcrashed was discovered generating attacks as big as 1.7 terabits per second. Memcrashed exploits UDP port 11211 and uses Linux servers running memcached, an open source caching tool.
The attack is only possible when the memcached servers are exposed to the public internet, but it can generate an amplification factor of more than 51,000. In addition, security vendors have discovered more than 25,000 servers running exposed memcached servers that can be used for the exploit.
The Memcrashed attacks struck software code repository GitHub and numerous other websites. However, those attacks were successfully repelled by DDoS mitigation providers. In addition, Corero Network Security discovered what it calls a kill switch that can further mitigate these memcached DDoS attacks.
How serious is the threat of Memcrashed? Who is behind these attacks, and what is their motive? What kind of risks do protocols like memcached and UDP pose to enterprises? SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more in this episode of the Risk & Repeat podcast.