Both agencies called the vulnerability "critical."
On the brighter side, once an attack stopped, normal operations of the Internet or a network would likely resume as the hardware -- routers in particular -- reset and rebuilt their tables.
The vulnerability stems from the fact that TCP sessions can be reset -- in other words, shut down, if only temporarily -- by sending maliciously crafted RST (reset) or SYN (synchronization) packets to either end of the session's connection. Although this is an intended feature of TCP -- as in the infamous phrase, not a bug -- an attacker who spoofs the source IP addresses on the packets can terminate the session, resulting in a denial of service.
Although a denial of service attack using TCP packets has long been known as a weakness of the protocol, experts believed that a successful attack wasn't practical, since the attacker would have to guess the identifying sequence number in the next packet; the odds of that are about one in 4.3 billion.
But researcher Paul Watson, who runs the pro-hacking blog on terrorist.net, has discovered that the "probability of guessing an acceptable sequence number is much higher because the receiving TCP implementation will accept any sequence number in a certain range. [That] makes TCP reset attacks practicable," said the NISCC in its advisory.
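An added example, not taken from the article or the NISCC advisory: a C model of the receiver-side check that decides whether an incoming RST is honored, with the classic in-window rule beside the stricter exact-match rule later specified in RFC 5961. The function names, window sizes and sequence numbers are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

enum rst_verdict { RST_DROP, RST_RESET, RST_CHALLENGE_ACK };

/* Sequence space is modulo 2^32, so the subtraction must wrap.
 * With a zero receive window only seq == rcv_nxt is acceptable. */
static int in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (rcv_wnd == 0)
        return seq == rcv_nxt;
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* Classic rule: any RST whose sequence number falls in the window resets. */
enum rst_verdict rst_check_classic(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return in_window(seq, rcv_nxt, rcv_wnd) ? RST_RESET : RST_DROP;
}

/* RFC 5961 rule: only an exact match resets; an in-window RST that is not
 * exact is answered with a challenge ACK and the connection stays up. */
enum rst_verdict rst_check_hardened(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (seq == rcv_nxt)
        return RST_RESET;
    return in_window(seq, rcv_nxt, rcv_wnd) ? RST_CHALLENGE_ACK : RST_DROP;
}

/* "One in N" odds that a single blind guess is honored under the classic rule. */
uint64_t classic_guess_odds(uint32_t rcv_wnd)
{
    uint64_t accepted = rcv_wnd ? rcv_wnd : 1;
    return (1ULL << 32) / accepted;
}

int main(void)
{
    /* Constructed sample window sizes, not values from the article. */
    const uint32_t windows[] = { 0, 16384, 65535 };
    for (unsigned i = 0; i < 3; i++)
        printf("window %5u: classic 1 in %llu, exact-match 1 in %llu\n",
               (unsigned)windows[i],
               (unsigned long long)classic_guess_odds(windows[i]),
               (unsigned long long)(1ULL << 32));
    return 0;
}
```

The larger the advertised receive window, the more sequence numbers the classic check honors, which is why long-lived sessions with large windows were the ones considered most exposed.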