By Lynn Palec, | November 17, 2016
The exploit was first discovered by researchers working at the Security Operations Center of telecommunications firm TDC from Denmark. (YouTube)
Security researchers have warned that a new type of exploit can disrupt a whole computer network from just one laptop. Dubbed as "BlackNurse," the attack targets certain firewall vulnerabilities from Cisco, Palo Alto, Zyxel, and SonicWall.
The exploit was first discovered by researchers working at the Security Operations Center of telecommunications firm TDC from Denmark. The researchers described BlackNurse as a low-bandwidth Internet Control Message Protocol attack.
Like Us on Facebook
In a statement acquired by Network World, the researchers reported, "The BlackNurse attack attracted our attention because in our anti-DDoS solution we experienced that even though traffic speed and packets per second were very low, this attack could keep our customers' operations down."
What separates BlackNurse from the recent DDoS techniques which crippled KrebsOnSecurity and DynDNS is the type of traffic that it utilizes. The BlackNurse attack uses ICMP Type 3 Code 3 "port unreachable" messages. These type of messages can essentially overload a firewall CPU which can result in a DoS state.
Most DDoS attacks in the past utilized ICMP packets. With ICMP type 3 code 3, a single laptop could inflict massive damage and can take down a whole network if not patched on time.
Recent DDoS attacks can send up to 1Tbps of traffic to a certain server to cripple it. Security firm Netresec claims that a BlackNurse attack can disrupt a network by sending just 21Mbps of traffic to the target.
The researchers pointed that only a handful of products are vulnerable to the BlackNurse exploit. These are Cisco ASA 5506, 5515, 5525 in default settings, CISCO ASA 5550 legacy device and 5515-X, Cisco Router 897, Zyxel NWA3560-N and Zyxel Zywall USG50, SonicWall, and some unverified Palo Alto products.
According to Forbes, TDC researchers found out that 1.7 million devices respond to the ICMP request that a BlackNurse attack uses, and this was just within Denmark. The researchers added that even if just a small fraction of those devices are vulnerable to the attack, it could launch a large-scale and coordinated attack that could render irreparable damage.
Germany Begins Process to Build its own Sixth Generation Stealth Jet Fighter
Clash of Clans Update: Shipyard use Included in Next Patch
iOS 10.3 Final Version Finally Underway, Apple iOS 11 Features Dark Mode, AR- Compatibility, Theatre Mode
Imminent Demise of The Pirate Bay, Torrenting as Hollywood Guns to Kill Piracy with Quick VOD Release for $30?
Last Mars Volcano Erupted When Dinosaurs Also Went Extinct on Earth
Mars Once had Rings and can Form a new Ring Again
New Zealand Parrot can Spread 'Laughter' With Unique Call
Oceans Around the World are Warming 13 Percent Faster
Mysterious Fast Radio Bursts Caused by Alien Civilizations?
Mysterious, Bright Spots on Dwarf Planet Ceres Caused by Ice Volcanoes