Hackers frequently launch DDoS attacks for extortion; DDoS protection has become increasingly important

Nowadays, DDoS protection has become an issue that enterprises must consider. In the first half of 2020, a number of high-tech manufacturers had their data encrypted by hackers using ransomware, who then demanded high ransoms. In the second half of the year, however, hacker groups threatened Taiwan's manufacturing companies with DDoS attacks that would be launched if the ransom was not paid. In addition to these companies' official websites, the hackers mainly target the supply chain ordering platforms of the more valuable high-tech companies. Once these systems are paralyzed and the companies suffer losses, they are more willing to pay the ransom.
According to an unnamed source, near the Mid-Autumn Festival holiday, on September 26, a system integration company received an extortion letter from a sender claiming to be the Fancy Bear hacker organization, asking the company to pay 10 bitcoins (about NT$3 million); otherwise, another DDoS attack would be launched a week later. The company was hit by the first DDoS attack immediately, but due to DDoS protection, the second attack did not occur a week later.
On October 9th, during the National Day holiday period, some system integration companies also received similar DDoS extortion letters, demanding payment of 20 bitcoins (about NT$6 million). At the same time, some motherboard companies received the same extortion letters. By the end of October, the system integration company that had received the extortion letter in early October had suffered a DDoS attack that lasted for 8 hours, with attack traffic as high as 100 Gbps to 105 Gbps. In early November, it was also reported that a component company had suffered a second DDoS attack, but did not receive a blackmail letter this time.
In targeted DDoS attacks on Taiwan's manufacturing industry, hackers first obtain the company's contact points through public information, such as public relations, human resources, investor relations or customer service, and send extortion emails to them. Typically, the attacker first launches a trial attack to make the threat credible to the victim enterprise. According to the source, the hackers' test traffic is about 1 Gbps, at which the company's external network already shows obvious stalls or interruptions. The hackers also look up the AS Number (Autonomous System Number) of the targeted company on the Internet and use it as the attack target; usually such an enterprise has a large network segment.
After the trial attack, the hackers all claim that the firepower of the next wave of formal attacks will reach 2 Tbps to 2.5 Tbps. Without complete DDoS protection, the blackmailed company would suffer huge losses. In fact, however, the customer has actual records of intercepting the hackers' trial attack but did not encounter a real large-scale attack. Most of the attack sources for the trial came from Russia and Eastern Europe (Russia, Belarus, Uzbekistan, Kazakhstan), with a small number of other attacks from Europe (UK, the Netherlands), the United States, Hong Kong, and Taiwan. The attack sources used in Taiwan were IP cameras.
In the face of increasingly frequent DDoS attacks, the importance of DDoS protection has been recognized by everyone. Therefore, enterprises need to make preparations for DDoS protection at all times in their daily business operations.
This article is reposted from: https://www.zhuanqq.com/News/Industry/374.html