About different categories of attacks

Amplification attacks

Denial-of-service attacks are common incidents, where an attacker employs vulnerable machines on the Internet to send large amounts of malicious traffic to a victim organization, blocking the Internet connection of the victim and preventing the victim's services to work normally. An amplification attack is a form of denial-of-service attack, where the attacker uses an open Internet service somewhere to amplify the effects of the attack. Many innocent services found even in Internet users' home routers can act as an Internet megaphone, amplifying and making a small denial-of-service attack become a massive network outage.

To simplify, an attacker sends small data messages to your vulnerable device. Your device reacts to these messages by sending very large messages to the victim targeted by the attacker. The victim sees your IP address among possibly hundreds of thousands of other IP addresses as the source of the attack.

You can view a more technical explanation of this type of attack in this Youtube video (opens new window). The example in this video shows an amplification attack happening via the common DNS service, but the principle remains the same no matter what vulnerable service is used.

This very common form of attacks can easily bring even a massive enterprise service to its knees. At the same time, your Internet connection is likely blocked during the attack, and your Internet service provider can block your service temporarily to protect you and others from abuse.

Take care of your Internet connectivity, your reputation and future victims of amplification attacks. Block services that can be abused by criminals!