[ad_1]
We are so used to the reliability of the various Internet services that they began to perceive them at the same level as the objects of the material world. But behind this reliability lies the excellent work of computer scientists. With the growing popularity of your site or app, you can become the target of hackers trying to disrupt the operation of your offspring. For example, using DDoS attacks. About what they are, experts told the CAO
The DDoS attack called actions to create conditions in which bona fide users can not access the web service. To do this, the attacker starts simultaneous access to the service from a large number of devices under his control. Imagine driving to a concert of your favorite band. The presence of 10,000 people is planned there. The only road leads to the site where the concert will take place. On him as soon as possible able to drive every 10,000 visitors to the concert. Informed musicians to disrupt the concert inform the media in all the media that next to the concert, half an hour before the concert as a charity event, free watermelons will be distributed to all spectators. As a result, a traffic jam is formed on the road of those who want to get a freebie, and guests who want to listen to music can not access the event.
In real life, a hacker is envious. set of controlled devices. Typically, large attacks are made by intruders using botnets. Botnet (botnet from robot and network words) – a computer network consisting of a number of devices with standalone software. Most often, such software is hidden on the victim device and allows an attacker to perform certain actions using the resources of the infected computer. In addition to the infrastructure to organize DDoS attacks, botnets are used to send spam, select pbadwords and other illegal activities.
Often a botnet is created from personal or professional computers. (video camera, mobile phone, smart clock, refrigerator, TV). To do this, hackers use various software vulnerabilities, an incorrect network configuration and the selection of pbadwords. However, the most "correct" way to include in the botnet is an independent installation by the user of unauthorized software. In addition, software installed from unreliable sources is a serious hazard.
The most popular targets of DDoS attacks are in countries such as China, the United States and the United Kingdom. Every day in the world there are more than 100,000 DDoS attacks.
The most powerful attacks, which are fixed in Belarus, reach 40 Gbit / s. Such attacks are noted every quarter. The goals are hosting sites and major Internet service infrastructure equipment providers (eg, NAT devices). Typically, the duration of the attack does not exceed 20 minutes, because the actions of the intruders are blocked by the operators. In this case, the hacker understands that the goal has not been reached, and stops "finishing".
However, in recent times, there have been recorded and unusual attacks. Thus, in February 2017, a DDoS attack with a capacity of 2 Gb / s was performed on the site of one of the state agencies, and its duration was 120 minutes. As a result, there was a denial of service not only on this site, but also on other resources located on the same virtual server (the site was hosted by a shared hosting technology). During the attack, the computing power of the server was exhausted, which made the sites inaccessible to users. During the investigation of the incident, its sources and the type of attack – http flood – were established. Technical measures taken quickly have ensured the restoration of access to the site.
In the fall of 2017, the target of intruders was the infrastructure of large national banks. For an hour, there were problems with the availability of banking services. As a result, the attack was blocked by the Beltelecom forces. The incident facilitated the decision of site owners to enter into agreements to provide protection services against DDoS attacks.
Attacks on online stores, major news sites, food delivery services, etc. every day for an hour. At the same time, customers could not use the company's website, which resulted in direct losses in daily business.
Among the unpredictable facts of DDoS attacks, one can cite the case of one of the largest Internet sites of the country. After the neutralization of the threat, it turned out that the hosting provider was not charging the size of the communication channel, but the amount of traffic transmitted. Thus, all traffic generated during the attack has been accounted for and billed. To the credit of the provider, after the negotiations, he did not support the traffic generated by the DDoS attack.
An entirely new example is sending e-mails with threats to Belarusian banks. In these letters, cybercriminals extort money. In case of refusal, the "hackers" are threatened to steal a much larger amount from the bank or disrupt the availability of banking services. Bank employees do not go to the opportunity because everything is about bbad scams. Real attacks after the threats have not followed. But the very fact that scammers have paid attention to our banks is a concern because highly trained cybercriminals can follow them.
It should be noted that an ordinary surfer is unlikely to become the target of a DDoS attack. This is due to the lack of interest of intruders. If you are a legal entity and your users have unexplained problems accessing the site, similar to the consequences of a DDoS attack, you must first contact the Internet Service Provider. Virtually all providers have the tools and specialists to determine the fact of the attack. If necessary, they can contact the CAO for coordinated action to restore resource availability. If the operator refuses to take action, you can contact the CAO yourself
Quick communication with the editorial board: read the Onliner public chat and send us an email to Viber!
A game on our channel Telegram [19659015]
[ad_2]
Source link
