Repeated DDoS attacks, you must not have taken the time to read this tutorial

In recent years, a large number of botnet-driven DDoS attacks have taken advantage of thousands of infected IoT, by launching a large amount of traffic to the victim's website as a means of attack, and ultimately cause serious consequences.anti DDOS Perennial stubborn DDoS seems difficult to cure, so in the end there are some effective ways to curb it?

What about repeated DDoS attacks?

Gartner predicts that by 2020, more than 20 billion IoT devices will be connected to the Internet around the world, with an average of 5.5 million devices added to the Internet every day, and by that time, more than half of all business systems will have built-in IoT components.virtual Machine cloud In response, traditional desktop security and localized firewalls are having a hard time fending off new cyberattacks, with hackers simply intercepting a connectivity tool to cut through to the device side.

More and more IoT devices are becoming a DDoS dish, and privacy is becoming an increasingly important part of network interactions. With the ubiquity of ransomware and various rogue software, many attacks are hard to detect,vpshosting so encryption measures for IoT are important.

Considering that the Internet of Things (iot) has many different types of devices and functionalities ranging from endpoints, wireless access, gateways to cloud platforms, many of which use different operating systems which are either customized or non-standard which increases the burden on the operator.

Some IoT-enabled objects have dynamic characteristics, such as cars and vehicles, or other devices that control critical systems. Symantec predicts that the number of attacks on IoT devices controlling critical infrastructure, such as power distribution and communications networks, will continue to increase.

With more employees as individuals as a unit can use products such as artificial intelligence speakers, wearable devices, smart homes, etc., there are more and more entrances to security management risks, and the sensors that need to be used by companies like industrial are becoming more and more subdivided, including WiFi-enabled thermostat-controlled heating, ventilation, and HVAC system design, etc., and these information sensors are accessing the core network we are very These information sensors when accessing the core network we are likely not authorized by the IT operations and maintenance team. A study found that most SMB cultures do not perceive the IoT or Industrial IoT wireless communications network as separate from the economic infrastructure of the organization.

Of course, extortion is not new to the DDOS world, but it's also interesting to see how attackers use it. Early ransomware such as DD4BC sent anonymous emails with attack and payment information, dates and deadlines, as well as smaller attacks that threatened larger attacks and larger payments that could be suffered by victims if their cooperation was not satisfactory.

Like Memcached in the DDoS world, attackers have widely and rapidly adopted cross-organizational and industry attacks of all sizes and will soon find ways to turn threats into business opportunities.

Another trend is that in 2019, more and more attackers will attempt to access home routers and other IoT hubs to capture their data. For example, malware that compromises these routers can steal banking credentials, access credit card numbers, or display fake malicious web pages to users to steal sensitive information. In other words, attackers are using home WI-FI routers and other less secure IoT devices in new ways.

The important question, therefore, is how can DDoS attacks be effectively defended against or effectively contained? First, users should try to understand where the attack is coming from, as the IP addresses that hackers call up during an attack are not always real. Once the real address segment is known, the corresponding code segment can be found for isolation or temporary filtering. Also, ports can be blocked if there are a limited number of ports connected to the core network.

Compared to the exhaustion after being attacked by the behavior, it is undoubtedly better to have a well-researched security management mechanism. Some people may choose a large-scale deployment as well as network technology infrastructure education facilities, but this approach can only delay the progress of the hacker's attack, and does not effectively solve these problems. In contrast, it is better to "block" those regional or temporary address segments to reduce the risk of attack.

In addition, you can also set up a protective wall in the backbone network, the core network nodes, so that in the event of a large-scale attack on the hosts can reduce the possibility of direct attacks. Given that core nodes tend to be high-bandwidth locations that hackers can focus on, it is important to regularly scan existing master nodes for vulnerabilities that could lead to risk.

Based on previous information from security vendors, the multi-layered approach to protecting against DDoS attacks still applies. For example, the protection equipment on the premises side must actively detect various types of DDoS attacks 24 hours a day, including traffic attacks, state exhaustion attacks, and application layer attacks; to avoid the drawbacks of firewalls and other equipment mentioned above, users should choose the protection equipment with stateless table architecture, which utilizes cloud platforms and big data analysis to accumulate and quickly detect attack signature codes and establish a fingerprint knowledge base to help enterprises timely detect and intercept Malicious traffic attacks.

There are other similar methods, such as limiting SYN/ICMP traffic, filtering all RFC1918 IP addresses and so on, but in the end, it is important to effectively curb the root cause, do not wait until a problem occurs to think of a solution, which is why DDoS attacks are so common.

cloud server hk: Efficient, Reliable, Global Connectivity for Seamless Operations.

DDoS attacks DDoS dish iot

0