Prolexic has shared information on a popular cyber attack technique, SYN reflection attacks, which can leverage the defense mechanisms of DDoS mitigation devices to increase the strength of the attacks.
SYN reflection attacks are one of the more sophisticated DDoS attack methods and typically require some skill to execute. However, they have recently grown in popularity as they’ve become available on a DDoS-as-a-Service basis via the criminal underground.
“SYN reflection attacks have been around for a long time, but new attack apps make them extremely easy to launch. Even a novice can do it,” said Stuart Scholly, President of Prolexic. “Malicious actors wrap web-based graphical user interfaces around sophisticated scripts and offer them as convenient DDoS-as-a-Service apps that you can launch from your phone.”
SYN reflection attacks are used against targets that support TCP – a core communication protocol that enables computers to transmit data over the Internet, such as web pages and email.