Hackers Mount Denial-of-Service Attack With Computer Clock Tool

Image: Data cables connected to a server are seen in Stuttgart, Germany
An expert warned the latest attack is only the start of ugly things to come. Thomas Kienzle / ASSOCIATED PRESS file

Hackers used a weakness in the Internet system that sets the time on computers' clocks in order to overload a victim's servers with traffic, in what is reportedly the largest-ever such cyberattack.

The common hacking method is called a distributed denial-of-service (DDoS) attack, in which Web services receive so much traffic that they either slow down or crash.

Matthew Prince, co-founder and cEO of DDoS-protection company CloudFlare, reported the "very big" DDoS attack via a tweet on Monday evening.

According to Prince, hackers targeted a flaw in the Network Time Protocol (NTP), which is a system used to synchronize the clocks of Internet-connected devices, to overwhelm the victim's servers with bogus requests.

It's unclear which of CloudFlare's clients was the target of the attack. Prince told a Twitter user that he didn't have the "customer's permission to share details."

According to Prince, the amount of malicious traffic topped 400 gigabits per second — topping the size a 2013 DDoS attack against anti-spam organization Spamhaus, which was previously thought to be the largest such attack.

Monday's attack used a technique called "NTP reflection." A reflection attack lets hackers send lots of requests to a web service and make it look like those requests are coming from someone else. Then the victim's service is overloaded with traffic.

Just last month, CloudFlare published a blog post warning clients and readers about the rise of the NTP reflection attack.

In the post, CloudFlare pointed out that the NTP system is an attractive target because it "can be persuaded to return a large reply to a small request": a perfect vessel for DDoS attacks.

Prince reiterated that threat in an ominous tweet on Monday: