DDoS attacks are becoming more and more widespread, and although the protection technology is gradually enhanced, the attacks will still evolve and spread through various means and means. Researchers have discovered new versions of the malware that use malware and botnetize access to devices such as routers. According to statistics, the number of attacks and attacks that are more difficult to protect will continue to grow.
Despite the unremitting efforts of security protection and law enforcement to maintain, DDoS attacks still pose a huge threat to enterprises. According to the survey statistics, large enterprises feel that DDoS is still the biggest hidden danger in network security, and many security service personnel are very worried about this.
Next, we mainly analyze the analysis of the first quarter of domestic DdoS*** in 2019: the proportion of continuous*** almost doubled compared with the Q4 quarter of 2018, rising from 0.11% to 0.21%. Moreover, the duration of *** and the type of *** have an upward trend. Compared with Q4 last year, SYN Flood still occupies the largest share of 84.1% of spam traffic. Compared with UDP Flood, the share of TCP Flood has decreased. However, the share of HTTP Flood and ICMP has increased, but it is still ranked last. As shown below
In 2019 Q1 DDoS*** type distribution,
while the number of Linux botnets far exceeded Windows botnets, Linux botnets accounted for 95.71% of the total, while the share of Windows botnets rose to 4.29%.
According to CNCERT sampling monitoring data, in the first quarter of 2019, there were 230 DDoS***s initiated by broiler chickens on average every month through control terminal resources, an average of 29 control terminals in my country, and 201 control terminals overseas. In my country, according to provincial statistics, Jiangsu Province accounts for more than 20%, followed by Guangdong Province; according to operator statistics, telecom accounts for 66.5%, followed by China Unicom and China Mobile.
According to CNCERT sampling monitoring data, in the first quarter of 2019, there were an average of 195,694 broiler addresses simulating real addresses per month through broiler resources***. These broiler resources are calculated by province: Guangdong, Jiangsu, and Zhejiang account for the largest proportion, followed by Fujian and Henan; according to operator statistics: Telecom accounts for 74.5%, followed by China Unicom and China Mobile.
For reflection server resources, including NTP, SSDP reflection***, the largest proportion is mainly in Shandong, Guangdong, Central Plains, and Northeast China. According to the operator's statistics, China Unicom has a relatively large proportion.
From this, it can be seen that DDOS resources are mainly concentrated in the southern region, and from the data, it is still in the stage of continuous growth, and the main objects of DDOS are also concentrated in blockchain, payment platforms, games and website malls, etc. industry, and we will continue to pay attention to these major industries in the future. Make corresponding solutions for such industry leaders to minimize losses as much as possible.
Reprinted in: https://blog.51cto.com/13941676/2409358