A new distributed denial-of-service (DDoS) amplification attack can increase damaging effects by four billion times and stretch out the length of the attack to 14 hours. The record-breaking amplification vector comes from misconfigured servers belonging to Mitel MiCollab and MiVoice Business Express collaboration systems. Researchers have reported that the Mitel DDoS amplification attacks have been used against financial institutions, logistics companies, gaming companies, and organizations in other markets. “DDoS attacks usually target companies and government online services,” Avast Security Evangelist Luis Corrons commented. “In this case, this amplified attack traffic can be safely mitigated using standard DDoS defense tools and techniques.” Organizations using Mitel servers are strongly advised to make sure they are configured correctly. For more on this story, see Ars Technica.
