Managed VPS and dedicated server provider, Future Hosting, a company based in Southfield, Michigan, has warned server hosting clients of the dangers posed by insecure Memcached instances. When configured incorrectly, the popular caching application could be used by bad actors to launch massive Distributed Denial of Service (DDoS) attacks.
Earlier this year, a popular version control platform was targeted by a record-breaking DDoS attack that peaked at 1.35 TB per second. Soon after, that record was broken by a DDoS attack that used insecure Memcached instances to send 1.7 TB per second to its victim, stated Future Hosting. Few businesses can mitigate attacks of this magnitude.
Future Hosting now urges server administrators to ensure that Memcached instances hosted on their servers are configured securely. Memcached should never be reachable from the open internet or configured to respond to requests from arbitrary hosts.
Developers and system administrators without the expertise to securely configure server software should consider hiring a professional system administrator or a managed server hosting provider that can configure a secure hosting environment.
Memcached is used by millions of websites around the world. It is a database that caches the results of database queries to accelerate the performance of web applications. Memcached can be configured to accept connections from arbitrary hosts on the open web. Bad actors could use insecure Memcached instances to launch amplified, reflected DDoS attacks against their victims, taking their websites and applications offline.
Memcached is one of many applications that can be used to amplify the bandwidth available to an attacker: open DNS servers and NTP servers are also common vectors. But Memcached would be significantly more potent. It can be used to amplify the data in a DDoS attack by a factor of more than 50,000, stated Future Hosting.
“Future Hosting provides server hosting for thousands of businesses, and we’re concerned that insecure Memcached instances pose a serious threat to our clients and other businesses on the web,“ said Maulesh Patel, VP of Operations of Future Hosting, “Memcached is ubiquitous on the modern web because of its usefulness, but less experienced system administrators are not configuring it securely, providing bad actors with a DDoS vector that threatens even the largest online businesses.”