DDOS attacks to users should be brave
Recently, in the domestic security industry, and a modest thing happened.Said it is not big, because this is not a security incident that, attack technique is not new.Says it is not small, because the attacks launched by foreign hackers organization, no matter look from the current and future development trend, we should mention attaches great importance to the matter.
Late last month, the dark clouds bug report warning platform, called "Armada of Collective" hacker groups using DDOS attacks extortion businesses, its targets or associated with terrorist ISIS, the preferred is mail service providers such as the goal.In the emphasis on its own attack ability to enterprises at the same time for the currency.
It is understood that attack, not only to the mail service provider ProtonMail themselves also troubler of two data centers and ISP, hundreds of companies were affected.ProtonMail under pressure, but to "Armada" paid 20 COINS (report for about $6000).According to cloud network to further explore the events, domestic well-known Internet companies have received threats, and hackers have apparently on an increasingly active is very interested in China in the currency market, and domestic well-known Internet companies suffered three DDOS attacks.Dark clouds network analysis, points out that
whether overseas hackers team found that Chinese Internet companies will be blackmail against the blue ocean.
The situation further fermentation, ali cloud officially released, ali cloud has likely to suffer attacks made adequate preparation, we will joint operators such as protective power, resist network attack with customers, to protect the stable operation of the network economy in China.As a major service domestic cloud computing industry, ali cloud based on alibaba group security capabilities for more than ten years, has been built cloud shield, etc. Series security products and services.Ali cloud has with operators to resolve the Internet history of the world's biggest DDoS attacks (up to 453.8 Gb) per second.
Accordingly, CSDN reporter interviewed ali cloud security experts.
CSDN: DDoS attack technology actually had ten years ago, why China's web site will also attack, what are the problems our website design?
Ali cloud: DDoS attack technology actually had ten years ago, but today many users are still being attacked and mostly because ash production and economic benefits.DDoS today has developed into a very mature product line of gray, attackers have a clear division of responsibilities, complete different roles, to a certain organization to the victims of the attack, as long as there is interest exists, the attacker will "perseverance".
From the technical level, DDoS attacks are essentially the competition of bandwidth and resources.The biggest characteristic of it is through the central control mass "chicken", at the same time to the target.This attack is not use the site's own particular vulnerability to complete, but the birth defect using TCP/IP protocol.As long as the Internet is the TCP protocol, then no matter how many years past, DDoS attacks will not die.Instead, because today's trojans and other malicious, makes the number of chickens in explosive growth, the cost of the DDoS attack by hackers is becoming more and more low.
The motives of attackers attack we summarize mainly has the following kinds
1, malicious blackmail: generally the attacker will be required to pay a certain amount of fees, many users because they have no ability to fight and play, and had to pay the so-called "protection".The hacker attacks is belong to such overseas.
2, malicious competition, it is found mostly in the game industry, usually because of malicious competition between peers.
3, for other purposes, such as display technology, attack testing, express some views, etc.
Besides DDoS attack in today's popular way and Web application attacks.Hackers through the use of common general software vulnerabilities,
the logic of business design defect, the server to request content factors such as the lack of effective attack detection, fixed-point attack the target.They by sending malicious request to achieve illegal possession of core data, the control server permissions, etc.For this type of attack and defense both sides over the years has been in a "your feet freshman year, I add one stick" of the game.There have been new zero day attack, also will have the corresponding protection plan immediately.
On the way of security, therefore, we still have a long way to go.We not only should face violent attack by using a common protocol of defects, also can solve the "small, qiao" leisurely Web attack.Web site needs to strengthen the construction of their own safety, the standard code, regularly scan related vulnerability, and at the same time it is necessary to select the powerful cloud security vendor to help together in the face of increasingly serious security issues.
CSDN: ali cloud in against DDOS attack what is this aspect of the technology, what are the corresponding products?
Ali cloud: ali cloud based on years of accumulation security ability, form the three-dimensional security protection system.Ali cloud can provide for the customer, including DDoS, CC, WAF, security services, protection against all three to seven layers of DDoS attacks.In 2014, ali cloud help customers successful defense the peak of 453.8 Gbps of the world's largest DDoS
attacks.In Q3 2015 quarter, a successful defense 60 times greater than 300 GBPS of large-scale DDoS attacks, resolving a customer's 3.5 million QPS CC attack (the equivalent of 700000 broilers access) at the same time.Ali cloud security team also for meizu technology, red hill venture included many famous Internet companies and new listed companies to provide security services, stable and reliable safeguard its Internet business.
At present, ali cloud DDoS defenses through the cloud shield foreign service.
L ali cloud for all customers with the highest 5 g free DDoS based protection ability.
L pay for entire network to provide value-added services, such as: opening high IP service, to ensure stable and reliable source station.
L custom network security expert service.To provide DDoS protection strategy optimization, major events, three-dimensional services such as artificial unattended.
CSDN: ali cloud said willing to provide protection for China's other user technical support, the support will be included?
Ali cloud: can provide DDoS emergency support, assist enterprises in a sudden attack of cleaning services;Can provide DDoS network security expert
service, help enterprise for the business and network security planning in advance Suggestions;Can provide major events security service, the user enterprise in promotion, large presses, release service, 1 to 1, 7 * 24 hours service.
CSDN: please look at the development trend of DDoS attacks, users and how to defend?
Ali cloud: with the development of cloud computing technology, will more and more enterprise users to adopt the cloud services to business systems architecture itself.And trends from the attack, in recent years due to the NTP reflection attacks, SSDP attacks such as explosion, caused the attacker can use very low cost to initiate a big attack traffic, DDoS defense form becomes more serious.
Ali cloud security team through the years, the study found the cloud scenarios for her way of solving the DDoS attack is more flexible than the traditional way, and can be more cost savings.With the development of technology, the cloud computing vendors will also launch prices cheaper, defense effect is superior to the defense products, reduce the loss of the user.So for the user, in addition to preparing their own security team on defense, trustworthy cloud service manufacturer of security products of choose and buy is also a good choice.
Indeed, by the DDOS attack has spawned a black industry chain, and many workers, a statistical its annual output may be over 10 billion yuan, the number of hundreds of thousands.
IBM experts also released the 2016 annual meeting of the new type of DDOS attacks.
1. The BitTorrent network will become the ideal hotbed of DDoS chicken
The first types of DDoS attacks has actually occurred in August this year, its abuse is BitTorrent client.
As for the specific implementation approach, malicious people may use various BitTorrent protocol organize DRDoS reflection (that is, distributed denial of service) attack, some can even to their own scale to 120 times the level of the original.
BitTorrent team is now in its agreement to repair the specific security vulnerabilities, but considering the global network of millions of BitTorrent seed users, criminals will also find a new way to abuse of this technology.
As the second types of DDoS attacks, this means using the correlation technique to the target site traffic to hijack, triggering unexpected other activities.Although IBM mentioned previously seen only once, but in fact there have been 2015 years twice such attacks, and the number is expected to grow further in 2016.
3. The Temporal Lensing (temporary) lens DDoS attack what is?
A third type of DDoS attacks is expected to appear in 2016, the related conclusion by IBM's technical experts, according to a research paper in May this year received, of which mentioned that called Temporal Lensing form of DDoS attacks.
These types of attacks so far still have not been officially put on record, but they all have the DDoS attack ability advantage significantly.Attackers to use the only condition is to be able to ensure that all network packets at the same time synchronization in the target site, and find the protocol supports magnification factor, after that they can sit enjoy attack activities among the millions of victims packet will completely engulfed.