Researchers said they have discovered a simple way lone attackers with limited resources can knock large servers offline when they're protected by certain firewalls made by Cisco Systems and other manufacturers.
The denial-of-service technique requires volumes of as little as 15 megabits, or about 40,000 packets per second, to sever the Internet connection of vulnerable servers. The requirements are in stark contrast to recent attacks targeting domain name service provider Dyn and earlier security site KrebsOnSecurity and French Web host OVH. Those assaults bombarded sites with volumes approaching or exceeding 1 terabit per second. Researchers from Denmark-based TDC Security Operations Center have dubbed the new attack technique BlackNurse.
In a blog post published Wednesday, the researchers wrote: