FBI warns companies of the emergence of new types of DDOS attacks
The American FBI has warned companies in the United States of new forms of DDoS attacks. More recently, distributed denial-of-service attacks are said to have seen criminals misuse network protocols that have not been previously deployed.
In a notification to industries, the federal police warns of the emergence of new forms of distributed denial-of-service attacks against companies. The FBI says it has seen an increase in attempts to carry out such attacks since February. The service specifically mentions a vulnerability in the open source protocols in Jenkins servers, which can be used to perform DDOS attacks. While the FBI has not yet seen active exploitation, the Jenkins vulnerability could theoretically be exploited to amplify existing attacks more than a hundred times over, the FBI warns.
According to the FBI, criminals are increasingly using methods that have not yet been used more often in DDoS attacks. Those methods were mainly chosen because they make the attacks bigger. In the attacks, the criminals use network protocols that are often used by companies themselves. This makes it more difficult to distinguish attacking traffic from legitimate traffic.
Except for the Jenkins vulnerability, the FBI warns specifically about Constrained Application Protocol or CoAP attacks, Web Services Dynamic Discovery or WS-DD, and Apple’s Remote Management Services or ARMS. All attacks are amplification attacks, where a certain attack is multiplied with minimal means and thus amplified. Companies would use the protocols in their networks or IoT devices and therefore not disable them as quickly to prevent DDOS attacks.
According to the FBI, the warning is primarily intended to enable companies to better prepare for DDoS attacks. For example, they can talk to their hosting providers or they can invest in mitigations via third parties.