Amplification attacks using NTP are on the rise. The UDP-based protocol can use a small request and cause a heavy payload response. CloudFlare has done an outstanding job explaining how the following picture is possible.
Read about it here on CloudFlare’s blog.
Team-Cymru has posted some secure NTP templates for Cisco, UNIX, and Juniper perimeter hosts so you won’t be part of the problem.