How DDoS protection measures should respond now that attacks have entered the TB era

While improving DDoS protection measures, security experts have long been watching the increasing scale and frequency of DDoS attacks. According to reports, some parts of the world experience thousands of attacks at any given time. Large organizations must therefore strengthen their defenses, which has become a daily activity for many of them. In the "NETSCOUT Threat Situation Report", researchers found that the frequency of attacks actually showed a downward trend from 2017 to 2018, but for beleaguered security teams, the bit of comfort in that news was quickly offset by another, worrying trend: the scale of attacks has doubled, often far exceeding the defensive capabilities that many service providers consider safe. DDoS has entered the TB era.
According to information provided by NETSCOUT's ATLAS Security Engineering and Response Team (ASERT), in the first half of 2018 the scale of the largest DDoS attack increased by 174% over the same period in 2017. In fact, in February 2018, a large service provider in North America suffered a 1.7TB attack, the largest attack ever. Fortunately, thanks to the customer's excellent architecture design, distributed deployment and preparation for DDoS protection, combined with its multi-layer Arbor DDoS solution, they were able to mitigate the attack without any service interruption. However, this attack underscored a new reality: DDoS protection measures designed to deal with attacks in the 300GB range no longer meet requirements, and even infrastructure with 1TB defense capabilities is at risk.
This record-breaking attack is an example of the memcached attacks that appeared in 2018. They are so named because they exploited vulnerabilities in the cache server used to speed up website data access. Memcached is free and open source software that is widely deployed in cloud service infrastructure and corporate networks. It has the effect of increasing bandwidth. The developers behind this attack discovered a design vulnerability in the memcached software package, which allowed them to use a large amount of service provider bandwidth to build and launch unprecedented large-scale attacks.
Open source software is usually rushed to market for users to use free of charge, without sufficient vulnerability testing. Because open source software keeps spreading, this kind of attack will not die down after a single occurrence, and security teams should look for similar exploits. As attack tools become more sophisticated and new attack vectors continue to emerge, attackers find that launching larger and more effective attacks becomes easier and cheaper.
The trend of increasing attack scale highlights the need for hybrid or layered defense measures that combine local and cloud mitigation capabilities. Common attacks are still relatively small, and local solutions (virtual or device-based) can usually detect and mitigate them. However, since attackers' capabilities have reached the terabyte level, cloud components that can mitigate the largest attacks are necessary. The advantage of a hybrid DDoS protection solution is that cloud defense can essentially serve as a backup measure (as opposed to an "always on" one) that is activated as soon as the local component detects an ultra-large-scale attack.
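The escalation logic described above, as an added example that is not from the original article or from any vendor's product: mitigation stays local until inbound volume remains near link capacity, then hands over to cloud scrubbing, and hands back only after volume stays low. The link capacity, thresholds, names and traffic samples are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class HybridMitigator:
    """Chooses the scrubbing location: the local component or the cloud backup."""
    link_gbps: float              # assumed upstream link capacity
    escalate_ratio: float = 0.8   # divert to cloud at or above this share of the link
    release_ratio: float = 0.3    # return to local at or below this share
    hold_samples: int = 3         # consecutive samples needed before switching
    cloud_active: bool = False
    _streak: int = 0

    def observe(self, attack_gbps: float) -> str:
        """Feed one volume sample, reported by whichever layer currently sees
        the traffic, and return the path that should scrub it."""
        ratio = attack_gbps / self.link_gbps
        if self.cloud_active:
            crossing = ratio <= self.release_ratio   # quiet enough to hand back
        else:
            crossing = ratio >= self.escalate_ratio  # link close to saturation
        # Require a sustained condition so short bursts do not cause flapping.
        self._streak = self._streak + 1 if crossing else 0
        if self._streak >= self.hold_samples:
            self.cloud_active = not self.cloud_active
            self._streak = 0
        return "cloud" if self.cloud_active else "local"


def decide_path(samples_gbps, link_gbps=10.0):
    """Replay a series of volume samples and return the decision for each."""
    mitigator = HybridMitigator(link_gbps=link_gbps)
    return [mitigator.observe(s) for s in samples_gbps]


# Constructed samples in Gbps: ramp-up, a flood far above the link, then decay.
SAMPLES = [0.5, 2, 9, 9.5, 12, 40, 40, 6, 2, 1, 1, 0.5]

if __name__ == "__main__":
    for volume, path in zip(SAMPLES, decide_path(SAMPLES)):
        print(f"{volume:>5} Gbps -> {path}")
```

The gap between the two thresholds keeps the cloud path engaged while an attack tapers off, so traffic is not handed back to a link that could be saturated again moments later.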
With the support of global threat intelligence capabilities, DDoS software and hardware solutions will be more effective. Using this data, measures to deal with known and emerging threats can be directly integrated into mitigation products.
Over the years, analysis of the threat situation has taught us an important lesson: enterprises should prepare their DDoS protection for new DDoS attacks, because once such attacks appear, they do not disappear. Once TB-scale attacks have appeared, they are here to stay.
This article is transferred from: https://www.zhuanqq.com/News/Industry/333.html

Origin blog.csdn.net/weixin_51110871/article/details/113185942