What is the threat of such a huge DDoS?

The latest report by the DDoS protection services market leader, Black Lotus, shows that the world's largest service providers suffer from a variety of DDoS attacks. The scope of the attack is very broad, covering all walks of life, where 64% of platform providers are affected by DDoS attacks, and 66% of managed solution providers and 66% of VoIP service providers are affected.

DDoS attacks can have a very serious impact, with 61% of all types of service providers being attacked to threaten normal business operations, or even loss of profits or theft of customer privacy.

What is the threat of such a huge DDoS?

noun explanation

ddos:distributed denial of service, a distributed Denial-of-service attack. With the help of client/server technology, multiple computers are combined as attack platform to launch DDoS attacks against one or more targets, thus multiplying the power of denial-of-service attacks. Typically, an attacker uses a theft account to install a DDoS master on a computer, and in a set time the master program communicates with a large number of agents that have been installed on many computers on the network. When an agent receives an instruction, it launches an attack. With client/server technology, the master program can activate hundreds of proxy programs in seconds.

Image metaphor

You can use an analogy to get a deeper understanding of what DDoS is. What would they do if a group of bullies tried to keep competing shops across the street from operating normally? Bullies disguised as ordinary customers have been crowding in their rivals ' shops, rely on not to go, the real shopper is unable to enter, or always and the shop assistant desultory, so that staff can not normal customer service, but also for the shop operators to provide false information, shops up and down the busy into a regiment but found that is a empty, Finally ran the real big customer, the loss is heavy. In addition, bullies do these bad things on their own, sometimes hard to accomplish, and need to call on many people. Well, DOS and DDoS attacks in the field of cyber security follow these ideas.

Real-world version of DDoS

Lyft is a Uber competitor. To go to a certain time in 2014 Lyft driver received a lot of fake orders: Someone ordered a car, wait for the driver to leave and cancel the reservation. It was found that at least 5,560 of these fake orders came from 177 Uber employees. Even 1 Uber employees issued 680 false orders to Lyft's drivers with 14 false accounts. Uber to this explanation, presumably means that this is a temporary work. Uber This employee's behavior is the reality version of DDoS.

Attack principle, how to launch DDoS attack

Of the three elements of information security: "Confidentiality", "integrity" and "availability", DoS (denial of service), a denial-of-service attack, targets "availability". This attack method can not provide normal service by using the target System Network service function defect or directly consuming its system resources.

DDoS attacks in many ways, the most basic Dos attack is to use reasonable service requests to occupy too much service resources, so that legitimate users can not get the service response. A single Dos attack is usually a one-to-one approach, when the target CPU speed low, small memory or small network bandwidth and so on the performance of the indicators are not high, its effect is obvious. With the development of computer and network technology, the processing capacity of the computer has grown rapidly, the memory has increased greatly, and the gigabit network has also appeared, which makes the difficulty of the DOS attack increased, and the target's "digestion ability" of the malicious attack package has been strengthened a lot. In this case, distributed denial of service (DDoS) attacks have emerged. DDoS is the use of more "puppet machine" to launch attacks, to attack the victim on a larger scale than before, resulting in "usability" collapse, failure.

Means of attack

DDoS attacks consume a large amount of network resources through a large number of legitimate requests to achieve the purpose of paralyzing the network. Can be divided into the following:

1, through the network overload to disrupt or even interrupt the normal network communication.

2. Overload the server by submitting a large number of requests to the server.

3, blocking a user access to the server.

4, block a service and a specific system or individual communication.

DDoS attack history and typical events

The first "fame" of DDoS attacks was a computer outage in the University of Minnesota for more than two days in 1999. But only a year later, in 2000, the scope of the broader, this time Amazon, CNN, ebay and Yahoo were attacked within 24 hours, causing the site or link giant slow or collective drop. Amazon and Yahoo are expected to total losses of about 1.1 million dollars.

In the 2001-2005 years, the case of DDoS attacks has grown invisibly, with several prominent events, the best-known of which is the attack on Register.com and ebay, which led to the prosecution of a man claiming "at least 5000 dollars a year" Losses.

In the 2006, DDoS Tools became a heavy weapon for hackers, but the attacks were usually carried out by individuals rather than by a group. A notable case in the UK is that a teenager sent 5 million e-mails to his former employer to cause his server to be down.

The 2007 was a diplomatic influence on the online war because of the Russian attacks on the Estonian national website. The initial outbreak of the conflict was the uprising of the Soviet War monument, which evolved into a Russian population when it moved from the capital of Estonia, which then spread to cyberspace, with websites of several government agencies and cities being hacked or modified by Russian militants.

In the disputed Iranian election in July 2009, street protests were reflected in cyberspace when a number of Ahmadinejad supporters ' websites were worn down by many self-made denial of service tools. This is no longer the use of automatic zombies, but from the public attacks on the government used PHP script.

......

At the end of March 2014, anonymous hacker group launched a large-scale DDoS attack, which led to the company's playstationnetwork.com Web site was once inaccessible. But this is just the tip of the iceberg, Sony said, in the DDoS attack, Sony's PSN service server was compromised, causing 77 million of user data stolen.

......

The influence and precaution of DDoS

Hazard and Loss estimates

A survey from Kaspersky showed that 38% of the victims of DDoS attacks were powerless to protect their core business from attack. Attacks can also affect credit ratings and insurance premiums. A single DDoS (distributed denial of service) attack on the company's online resources can cause considerable losses, averaging the number of companies ranging from USD 52,000 to US $444,000, depending on the size of the company.

For many organizations, an attack could have a serious impact on the balance sheet. The impact on the company's reputation and the inability of partners and customers to access network resources can lead to fatal blows.

DDoS attacks result in 61% of companies not having access to their critical business information, 38% are unable to access their critical business, and 33% of the victims have commercial contracts or contract losses.

The above flaws are only superficial damage, the serious consequences of the destruction of critical business and the loss of reputation are sometimes not easy to quantify.

Precautions

At this point, while reducing the impact of DDoS attacks is not easy, it is possible to take the necessary steps to reduce losses.

It is necessary for an enterprise to view DDoS defenses as an integral part of the overall IT security strategy. For businesses, defending against DDoS attacks is as important as deploying anti-virus protection, targeted attack defense, data disclosure, and other security initiatives.