On March 15, 2016, Andrey Bobkin of Kaspersky Lab reported a new type of DDoS attack targeting IP phones and video surveillance cameras, called the “IKE amplification attack.” The injection of spoofed IKE packets amplifies traffic on certain networks and can lead to complete denial of service of a specific network. This type of DDoS attack is possible because the IKE protocol is used in many different products and services, including IP phones, video surveillance cameras, and some router models. To exploit this vulnerability, attackers need to infect a computer with a virus, which will serve as a server for the spoofed IKE packets.

Summary

On March 15, 2016, Kaspersky Lab reported a new type of DDoS attack targeting IP phones and video surveillance cameras. It is called an “IKE amplification attack” because the injection of spoofed IKE packets amplifies traffic on certain networks. This type of DDoS attack is possible because the IKE protocol is used in many different products and services, including IP phones, video surveillance cameras, and some router models. To exploit this vulnerability, attackers need to infect a computer with a virus, which will serve as a server for the spoofed IKE packets.

Attack overview

The injection of spoofed IKE packets can amplify traffic on certain networks, which in turn can lead to complete denial of service. This type of DDoS attack is possible because the IKE protocol is used in many different products and services, including IP phones, video surveillance cameras, and some router models. To exploit this vulnerability, attackers need to infect a computer with a virus.

IKE amplification attack – what is it and how does it work?

An IKE amplification attack is a type of DDoS attack that uses spoofed IKE (Internet Key Exchange) packets to amplify traffic on certain networks. IKE is a protocol used to establish secure IPsec connections between two devices over an unsecured network. To exploit this vulnerability, attackers need to infect a computer with a virus, which will serve as a server for the spoofed IKE packets. The injection of spoofed IKE packets amplifies traffic on certain networks and can lead to complete denial of service of a specific network.
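The traffic pattern described above can be checked for from the responder's side. The following is an added example, not code from the original report: it flags local IKE devices whose replies to one remote address far outweigh the requests received from it. The flow-record layout, the thresholds and the function name are assumptions, the sample flows are constructed, and UDP ports 500 and 4500 are the standard IKE ports.

```python
from collections import defaultdict

IKE_PORTS = {500, 4500}  # standard UDP ports for IKE and IKE NAT traversal

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, packets, bytes).
# 192.0.2.10 is a hypothetical local IKE responder (camera, phone or router).
SAMPLE_FLOWS = [
    ("198.51.100.7", 500, "192.0.2.10", 500, 1, 120),        # ordinary peer request
    ("192.0.2.10", 500, "198.51.100.7", 500, 1, 140),        # ordinary reply
    ("203.0.113.50", 40000, "192.0.2.10", 500, 20, 2400),    # requests claiming a spoofed source
    ("192.0.2.10", 500, "203.0.113.50", 40000, 180, 25200),  # replies sent toward that address
]

def ike_reflection_suspects(flows, local_hosts, min_ratio=3.0, min_bytes_out=10_000):
    """Return (responder, remote, bytes_in, bytes_out, ratio) tuples, largest first.

    A pair is reported when a local IKE service sent at least min_bytes_out to
    one remote address and that is at least min_ratio times what it received
    from the same address. Both thresholds are assumed starting values.
    """
    bytes_in = defaultdict(int)   # (local responder, remote) -> request bytes
    bytes_out = defaultdict(int)  # (local responder, remote) -> reply bytes
    for src, sport, dst, dport, _packets, nbytes in flows:
        if dst in local_hosts and dport in IKE_PORTS:
            bytes_in[(dst, src)] += nbytes
        elif src in local_hosts and sport in IKE_PORTS:
            bytes_out[(src, dst)] += nbytes
    suspects = []
    for (responder, remote), out in bytes_out.items():
        inbound = bytes_in.get((responder, remote), 0)
        # No recorded request at all still counts as an unbounded ratio.
        ratio = out / inbound if inbound else float("inf")
        if out >= min_bytes_out and ratio >= min_ratio:
            suspects.append((responder, remote, inbound, out, ratio))
    return sorted(suspects, key=lambda s: s[3], reverse=True)

if __name__ == "__main__":
    for responder, remote, inbound, out, ratio in ike_reflection_suspects(
            SAMPLE_FLOWS, {"192.0.2.10"}):
        print(f"{responder} -> {remote}: {inbound} B in, {out} B out, x{ratio:.1f}")
```

A reported pair means the local device is being used as a reflector; the remote address in the result is the likely target, not the sender, since the requests carry a spoofed source.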

Timeline

Published on: 10/11/2022 19:15:00 UTC
Last modified on: 10/11/2022 19:16:00 UTC
