Rostelecom ta gudanar da bincike kan hare-haren DDoS da aka kai a sashin Intanet na Rasha a cikin 2018. Kamar yadda rahoton ya nuna, a cikin 2018 an sami karuwa mai yawa ba kawai a yawan hare-haren DDoS ba, har ma a cikin ikon su. Hankalin maharan galibi yakan karkata ga sabar wasan.
Adadin hare-haren DDoS a cikin 2018 ya karu da kashi 95% idan aka kwatanta da na shekarar da ta gabata. An samu mafi yawan hare-hare a watan Nuwamba da Disamba. Yawancin kamfanonin e-commerce suna samun wani kaso mai tsoka na ribar da suke samu a karshen shekara, watau. a kan bukukuwan sabuwar shekara da makonnin da suka gabace su. Gasar tana da zafi musamman a wannan lokacin. Bugu da kari, a lokacin hutu akwai kololuwar ayyukan masu amfani a cikin wasannin kan layi.
Harin mafi tsawo da Rostelecom ya rubuta a cikin 2017 ya faru a watan Agusta kuma ya dauki tsawon sa'o'i 263 (kusan kwanaki 11). A cikin 2018, harin da aka yi rikodin a cikin Maris kuma yana ɗaukar sa'o'i 280 (kwanaki 11 da sa'o'i 16) ya kai matakin rikodin.
Shekarar da ta gabata an sami ƙaruwa sosai a cikin ikon hare-haren DDoS. Idan a cikin 2017 wannan adadi bai wuce 54 Gbit / s ba, to a cikin 2018 an kai hari mafi muni a cikin saurin 450 Gbit / s. Wannan ba keɓantacce ba ne: sau biyu kawai a cikin shekara wannan adadi ya ragu sosai ƙasa da 50 Gbit/s - a watan Yuni da Agusta.
Wanene aka fi kaiwa hari?
Kididdigar daga 2018 ta tabbatar da cewa barazanar DDoS ta fi dacewa ga masana'antu waɗanda mahimman hanyoyin kasuwancin su suka dogara da samun sabis da aikace-aikacen kan layi - da farko ɓangaren wasan caca da kasuwancin e-commerce.
Rabon harin akan sabar wasan shine kashi 64%. A cewar masu sharhi, hoton ba zai canza ba a cikin shekaru masu zuwa, kuma tare da ci gaban wasanni na e-wasanni, za mu iya sa ran karuwar yawan hare-haren da ake kaiwa masana'antu. Kamfanonin kasuwancin e-commerce suna ci gaba da “riƙe” matsayi na biyu (16%). Idan aka kwatanta da 2017, rabon hare-haren DDoS akan telecom ya karu daga 5% zuwa 10%, yayin da rabon cibiyoyin ilimi, akasin haka, ya ragu - daga 10% zuwa 1%.
Abu ne mai yuwuwa cewa dangane da matsakaicin adadin hare-hare kowane abokin ciniki, sashin wasan caca da kasuwancin e-commerce sun mamaye manyan hannun jari - 45% da 19%, bi da bi. Ƙarin abin da ba zato ba tsammani shi ne gagarumin karuwar hare-hare a kan bankuna da tsarin biyan kuɗi. Duk da haka, wannan ya fi dacewa saboda wani shiru 2017 bayan yakin da aka yi a kan sashin banki na Rasha a ƙarshen 2016. A cikin 2018, komai ya koma al'ada.
Hanyoyin Hari
Hanyar DDoS mafi mashahuri ita ce ambaliya ta UDP - kusan 38% na duk hare-haren ana aiwatar da su ta amfani da wannan hanya. Wannan yana biye da ambaliya ta SYN (20,2%) kuma kusan an raba daidai da rarrabuwar kai ta hanyar fakitin fakiti da haɓaka DNS - 10,5% da 10,1%, bi da bi.
A lokaci guda, kwatancen ƙididdiga na 2017 da 2018. ya nuna cewa rabon hare-haren ambaliyar ruwa na SYN ya kusan ninka sau biyu. Muna ɗauka cewa wannan shi ne saboda sauƙi na dangi da ƙananan farashi - irin waɗannan hare-haren ba sa buƙatar kasancewar botnet (wato, farashin ƙirƙira / haya / siyan shi).
Yawan hare-hare ta amfani da amplifiers ya karu. Lokacin shirya DDoS tare da haɓakawa, maharan suna aika buƙatun tare da adireshin tushe na karya zuwa sabobin, waɗanda ke ba da amsa ga wanda harin ya shafa tare da fakiti masu yawa. Wannan hanyar hare-haren DDoS na iya kaiwa wani sabon matakin kuma ya zama tartsatsi a nan gaba, tun da yake kuma baya buƙatar farashin tsari ko siyan botnet. A gefe guda, tare da haɓaka Intanet na Abubuwa da haɓaka yawan sanannun raunin da aka sani a cikin na'urorin IoT, za mu iya tsammanin fitowar sabbin botnets masu ƙarfi, kuma, saboda haka, raguwar farashin sabis don shirya hare-haren DDoS.
source: www.habr.com