Chinese authorities recently alleged that there has been a multi-year attack targeting the systems responsible for maintaining Chinese standard time (CST). This time zone, also known as Beijing Standard Time, is unique as China uses a single time zone across its vast territory and has not utilized daylight saving time since 1991. The systems involved rely on Network Time Protocol (NTP) for synchronization, a protocol widely employed across different operating systems to ensure that the time displayed is accurate and consistent.
NTP operates by having clients poll multiple time servers, assessing latency and jitter, and selecting the best server to ensure precise timekeeping. Popular implementations such as ntpd and chrony have been integral for this synchronization. The implications of such an attack can be significant, potentially affecting various sectors that depend on accurate timekeeping for operations. However, the report lacks detailed evidence regarding the extent of the attack and any specific vulnerabilities that might have been exploited.
👉 Pročitaj original: SANS Internet Storm Center
