A recently discovered distributed denial of service technique that abuses the Web Services Dynamic Discovery specification is being executed in the wild by multiple threat actors to amplify the effects of their attacks, researchers have warned.

The technique is a User Datagram Protocol (UDP) Amplification technique that involves spoofing requests to the WS-Discovery service. WS-Discovery is a specification designed to facilitate the discovery and connectivity of devices and services on a local network.

A spoofing attack leveraging this protocol causes a targeted internet-based server to send an overwhelming number of responses, using up its bandwidth, explains researchers at Akamai Technologies in a blog post yesterday. Akamai recently detected such an attack against one of its own clients in the gaming industry, states blog author Jonathan Respeto, security intelligence response team engineer at Akamai.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.