Without Network Time Protocol (NTP), it would be impossible to synchronize time across networked devices. However, more and more cyberattacks continue to target NTP as a potential vulnerability in network security. If you haven’t previously given it any thought, it’s critical you review how to secure this vital service against any external attack.
NTP has existed since the very earliest days of what we now recognize as the internet. Created in the 1980s, it’s one of the oldest internet protocols still in use today, and one of the most important. It’s necessary for synchronizing network time not just in industries where precise accuracy is traditionally required, such as finance, transport, logistics and healthcare, but in all organisations.
For a lot of us, it’s easy to forget about NTP despite the critical role it plays in many of our daily online activities, such as banking and shopping. For those responsible for network security though, it must always be a consideration.
As the internet has evolved, so have the hackers constantly looking for any weaknesses which could be exploited, whether it’s to access communications files, steal personal data, interfere with financial transactions, or even cause network outages thanks to DDos attacks. NTP is one element often attacked, especially due to its necessity in those previously-mentioned sectors, which are themselves popular targets. Although internet security has developed since it’s inception, NTP has struggled to keep up with these new threats.
Just as it’s wishful thinking to consider that cyberattacks, such as DDos attacks for example, will ever end, it would be equally naïve to believe that attackers will stop targeting NTP specifically. Instead, as hackers adapt, the attacks will just change form. Discussions about these attacks usually focus on their nature and the resultant damage rather than any possible solutions. However, there is an easy step you can take to avoid these security risks.
The Solution to Secure NTP Time Synchronization against attacks
Before discussing the solution, it’s worth considering just why so many of these attacks are taking place. Often this is down to a lack of encryption. If you are communicating between clients and your chosen NTP server without this, you are needlessly encouraging hackers to attack your system.
Think of it in terms of leaving your front door open. It would still be a crime for a thief to sneak into your house and steal your possessions, but if you left the front door ajar, you’re offering an open invitation, far increasing the chances of it happening. It’s exactly the same with your network if you fail to take steps to secure use of NTP.
Internet time servers are widely available, and free. However, with the increasing number of attacks on NTP, it’s not difficult to see how this attractive price point could be a false economy. Just one attack could leave you with a huge cost in terms of stolen data or disrupted business operations, and that’s before factoring in fixing the damage caused. Once you understand that, it’s easy to see that an internal NTP time server is the only option.
Although you need to purchase an internal NTP time server, it’s a small price to pay for knowing that your organisation has the best possible defence against these kinds of attacks. And these attacks aren’t just hypothetical. The largest ever DDoS attack affected CloudFlare, ironically itself a cybersecurity provider. The attack used an NTP vulnerability and was actually so powerful that despite being targeted at one of CloudFlare’s customers, it still managed to severely degrade their own network.
An internal NTP time server sit within your firewall, rather than an internet time server which requires an open firewall port. This immediately increases security and control over the whole NTP process, rather than allowing data into your network from an unverified source, which might or might not have network security measures in place.
Increase Network Security by Using an Internal NTP Time Server
When synchronizing time, the only way to ensure network security alongside accuracy and reliability is to abandon the use of internet time servers and switch to internal dedicated NTP time servers. Until you do so, you are highlighting your network to hackers as one that can easily be exploited.
When synchronized time needs to be accurate, secure and reliable for the continuous operation of your business, the only solution is a local GNSS time server.