News Categories

Akamai reports growing TFTP abuse

By Chong Jinn Wei - on 5 Jun 2016, 8:30am

Akamai reports growing TFTP abuse

Akamai Technologies, a Content Delivery Network (CDN) based in the U.S., recently reported a worrying trend of hackers abusing Trivial File Transfer Protocol (TFTP) servers to launch Distributed Denial-of-Service (DDoS) attacks.

Akamai recently reported that hackers have been launching DDoS attacks using TFTP servers to amplify their attacks on targets. <br> Image Source: Softpedia

For people who are unfamiliar, a TFTP allows a client to move files to and fro onto a remote host. DDoS, on the other hand, is a cyber attack that originates from more than one source, often thousands. So far, 10 attacks of this nature were recorded by Akamai.

Although TFTP has been used widely over the year, ranging from sending firmware updates but not limited to networking devices, hackers have figured out a way to use the protocol for malicious reasons. Thanks to its simple design, which leave out several forms of authentication within a Local Area Network (LAN) environment; hackers have added the protocol to amplify their attack on targets.

Despite its simplicity, there are still limitations to the attack; under normal circumstances, most TFTP servers will only sent back limited portions of data to hackers. However, hackers have scripted an attack tool for TFTP DDoS. Based on Akamai’s observation, the most data the attack managed to draw was up to 1.2Gb/s.

Akamai stated that they recommend users to not connect their TFTP to an Internet connection, and let it be used within a LAN environment. They also advice companies to assess if there is a need to connect it to the Internet, but use a firewall and only allowed trusted sources to access the TFTP.

For more Tech News, please follow us here.