A research team at Boston University has discovered vulnerabilities in the Network Time Protocol that are documented as follows:  



Sharon Goldberg remembers the cold February day when her Boston University PhD candidate Aanchal Malhotra was studying routing security, in particular, attacks against the resource public key infrastructure (RPKI)—and kept hitting a dead end because of a cache-flushing issue. The resourceful Malhotra decided to roll back the time on her computer as a last-ditch effort, and it worked.

“She was able to do the attack and I asked her what she did,” said Goldberg, an associate professor in the BU computer science department. “She said she changed the time with NTP and it worked. We were both saying ‘Whoa.’”

Inadvertently, Malhotra had stumbled across serious security vulnerabilities in the Network Time Protocol, which is used to synchronize computer clocks. The vulnerabilities could allow an attacker on a network, say in a man-in-the-middle position, to roll back time on computers (at scale, if they so wished) and affect cryptographic calculations, carry out denial of service attacks, or impact the effectiveness of security implementations such as DNSSEC.

Goldberg, Malhotra and fellow BU students Isaac E. Cohen and Erik Brakke published a paper this week called “Attacking the Network Time Protocol” that describes a handful of attacks against NTP that are successful because of insufficient authentication and cryptographic shortcomings that allow an attacker to roll back time and cause various levels of havoc on the Internet.

This isn’t the first time that hackers have taken advantage of vulnerabilities in NTP. In late 2013 and early 2014, high-profile distributed denial of service attacks were carried out by amplifying traffic from NTP servers; attackers able to spoof a victim’s IP address were able to funnel copious amounts of traffic, overwhelming targeted domains.