Is 2017 a crisis year for DDoS attacks?
DDoS attacks are not new, but 2016 marked a rise in their sophistication and magnitude. Last year witnessed a number of prominent distributed denial of service (DDoS) attacks, including one attack against DNS provider Dyn. This attack leveraged a Mirai botnet of 100,000 infected devices and caused several high-profile websites, including Spotify and Twitter, to go offline for several hours [1].
Naturally, there's a concern that such threats will continue to intensify this year. Deloitte, for instance, warns that 2017 will be a crisis year for DDoS attacks, with a greater frequency, scale and severity of attacks than in years prior. In fact, they expect over 10 million DDoS attacks in 2017, with an average attack size of 1.25 to 1.5 gigabits per second! [2]
The numbers are certainly alarming. But instead of panicking at the statistics, organizations will be better off if they understand what is causing the recent upsurge in DDoS attacks, and what defensive measures they should take to mitigate the threat.
What's causing the upsurge in DDoS attacks?
One major factor responsible for the increase in DDoS attacks is the growing number of Internet of Things (IoT) devices, such as smart security cameras, smart televisions or even smart thermostats. These devices are insecure, so hackers can integrate them into a botnet far more easily than computers, servers or smartphones. The Mirai botnet attack mentioned earlier leveraged precisely these sorts of IoT devices.
Another factor is the significant increase in bandwidth capacity and broadband speeds in recent years, especially in the West. With greater speed and bandwidth available, hackers can send more data more quickly with the devices they hijack for their botnets.
Lastly, there are many easy-to-use malware tools available, especially on the Dark Web, such as Mirai, which even relatively inexperienced hackers can use to launch attacks [3].
How can organizations defend against DDoS attacks?
Here are several ways organizations or businesses can lower the risk of being affected by DDoS attacks.
Choosing a cloud service provider that provides robust anti-DDoS protection
Organizations nowadays store much of their data and applications on the cloud. To protect their online assets from malicious attacks, organizations should pick cloud service providers that provide robust anti-DDoS protection as part of their service. Alibaba Cloud, for instance, offers basic anti-DDoS protection to all of its users free of charge. Furthermore, unlike some other cloud providers, Alibaba Cloud's security features are developed in-house rather than by third parties, which allows Alibaba Cloud to ensure maximum levels of security.
Dispersing the location of data
It's recommended that organizations don't store all of their data on a single server or in a single data center. When a large amount of data is concentrated in a single location, it is easier for hackers to identify and select as a target for DDoS attacks. Data should thus ideally be decentralized and dispersed in multiple locations, for example by keeping sensitive and non-sensitive data in different zones.
Analyzing incoming traffic patterns
Any incoming traffic to an organization's servers should be closely monitored, particularly when there is a surge of traffic. Any substantial surge of traffic coming from a new geographic location should be viewed with caution and may indicate a potential DDoS attack. An experienced IT team should be able to determine whether this is the case.
Utilizing blacklists and whitelists
Once illegitimate and harmful traffic has been identified, it should be added to a blacklist and blocked. A blacklist prevents access to a network from any IP address on the list. A whitelist provides a similar function, except it allows (rather than blocks) IP addresses on the list to access the network. Both blacklists and whitelists can mitigate DDoS attacks by filtering traffic and keeping intruders out. However, it's important to make sure that legitimate traffic is not accidentally blocked through these lists.
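The two measures above (watching for a surge from a new geographic location, then blacklisting without cutting off legitimate traffic) can be combined as in the following added example, which is not part of the original article. The log records, country labels (assumed to come from a GeoIP lookup), thresholds, partner range and function names are all constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample records: (minute, source IP, country code from GeoIP).
# Addresses are RFC 5737 documentation ranges; country labels are assumptions.
BASELINE = ([(m, "192.0.2.10", "US") for m in range(30)]
            + [(m, "192.0.2.77", "DE") for m in range(0, 30, 3)])
CURRENT = ([(30, "192.0.2.10", "US")] * 2
           + [(30, f"203.0.113.{i % 4 + 1}", "BR") for i in range(400)]
           + [(30, "198.51.100.7", "BR")] * 120)  # partner's monitoring probe

WHITELIST = [ipaddress.ip_network("198.51.100.0/24")]  # hypothetical partner


def surging_new_regions(baseline, current, min_requests=100):
    """Regions absent from the baseline that now send >= min_requests."""
    known = {country for _, _, country in baseline}
    now = Counter(country for _, _, country in current)
    return {c for c, n in now.items() if c not in known and n >= min_requests}


def blacklist_candidates(current, regions, whitelist, per_ip_min=50):
    """High-volume sources in flagged regions, minus whitelisted addresses."""
    per_ip = Counter(ip for _, ip, country in current if country in regions)
    blocked = set()
    for ip, n in per_ip.items():
        addr = ipaddress.ip_address(ip)
        if n >= per_ip_min and not any(addr in net for net in whitelist):
            blocked.add(addr)
    return blocked


def is_permitted(ip, blacklist, whitelist):
    """Whitelist is checked first so known-good traffic is never dropped."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in whitelist):
        return True
    return addr not in blacklist


REGIONS = surging_new_regions(BASELINE, CURRENT)
BLACKLIST = blacklist_candidates(CURRENT, REGIONS, WHITELIST)
```

In this constructed data the partner probe sits in the flagged region and exceeds the per-IP threshold, yet it stays reachable because the whitelist is consulted before the blacklist.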
[1] https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/5-significant-ddos-attacks-2016/
[2] https://www2.deloitte.com/content/dam/Deloitte/global/Documents/Technology-Media-Telecommunications/gx-deloitte-2017-tmt-predictions.pdf
[3] Ibid.