Makore mashoma apfuura, masangano ekutsvagisa uye ruzivo rwekuchengetedza masevhisi vakatanga kushuma nhamba yeDDoS kurwisa. Asi nechikamu chekutanga chegore ra1, vaongorori vakafanana vakataura zvinoshamisa ne84%. Uye ipapo zvinhu zvose zvakabva pakusimba kuenda pakusimba. Kunyangwe denda harina kupa mumhepo yerunyararo - zvakapesana, macybercriminals uye spammers vakafunga ichi chiratidzo chakanakisa chekurwisa, uye huwandu hweDDoS hwakawedzera. .
Isu tinotenda kuti nguva yekukurumidza, kuona nyore DDoS kurwiswa (uye maturusi akareruka anogona kuvadzivirira) yapera. MaCybercriminals ave nani pakuvanza kurwiswa uku uye nekuzviita nekuwedzera kuoma. Iyo indasitiri yakasviba yatama kubva kune brute force kuenda kune application-level kurwisa. Anogashira mirairo yakakomba yekuparadza maitiro ebhizinesi, kusanganisira mamwe asina Indaneti.
Kutyora muchokwadi
Muna 2017, nhevedzano yekurwiswa kweDDoS yakanangana nemasevhisi ekufambisa eSweden zvakakonzera kureba . Muna 2019, iyo yenyika njanji inoshanda yeDenmark Zvirongwa zvekutengesa zvakadzikira. Nekuda kweizvozvo, michina yematikiti nemagedhi otomatiki hazvina kushanda pazviteshi, uye vanopfuura zviuru gumi nezvishanu vafambi havana kukwanisa kubuda. Zvakare muna 15, kurwiswa kwecyber kwakasimba kwakakonzera kudzimwa kwemagetsi mukati .
Migumisiro yekurwiswa kweDDoS ikozvino inowanikwa kwete chete nevashandisi vepaIndaneti, asiwo nevanhu, sezvavanotaura, IRL (muhupenyu chaihwo). Nepo vanorwisa vagara vakananga chete masevhisi epamhepo, chinangwa chavo chave kazhinji kukanganisa mashandiro ebhizinesi. Isu tinofungidzira kuti nhasi zvinopfuura 60% zvekurwiswa zvine chinangwa chakadaro - chekupamba kana kukwikwidza zvisina kunaka. Transactions uye Logistics zviri panjodzi zvakanyanya.
Yakangwara uye inodhura
DDoS inoramba ichionekwa seimwe yemhando dzinozivikanwa uye dzinokurumidza kukura dzecybercrime. Maererano nenyanzvi, kubva 2020 nhamba yavo ichawedzera chete. Izvi zvine chekuita nezvikonzero zvakasiyana-siyana - nekutonyanya kushanduka kwebhizinesi pamhepo nekuda kwedenda, uye nekuvandudzwa kweindasitiri yemumvuri yecybercrime, uye kunyangwe ne .
DDoS kurwiswa kwakava "kukurumbira" pane imwe nguva nekuda kwekureruka kwavo kwekuendesa uye kudhura kwakaderera: makore mashoma apfuura vaigona kutangwa nemadhora makumi mashanu pazuva. Nhasi, zvose zvinangwa zvekurwisa uye nzira dzakashanduka, zvichiwedzera kuoma kwavo uye, semugumisiro, mutengo. Kwete, mitengo kubva pamadhora mashanu paawa ichiri mumitengo yemitengo (hongu, matsotsi epamhepo ane mazita emitengo uye masheti emitero), asi kune webhusaiti ine dziviriro vanotoda kubva kumadhora mazana mana pazuva, uye mutengo we "munhu" mirairo yemakambani makuru. inosvika zviuru zvemadhora.
Ikozvino kune maviri makuru marudzi eDDoS kurwisa. Chinangwa chekutanga ndechekuita kuti online sosi isavepo kwenguva yakati. Varwi vanovabhadharira panguva yekurwisa chaiko. Muchiitiko ichi, mushandisi weDDoS haana hanya nezvechero mhedzisiro, uye mutengi anobhadhara kumberi kuti atange kurwisa. Nzira dzakadaro dzakachipa zvikuru.
Rudzi rwechipiri kurwisa kunobhadharwa chete kana imwe mhedzisiro yawanikwa. Zvinonyanya kunakidza navo. Izvo zvakanyanya kuoma kuita uye nekudaro zvakanyanya kudhura, sezvo vanorwisa vanofanirwa kusarudza nzira dzinoshanda dzekuzadzisa zvinangwa zvavo. KuVariti, dzimwe nguva tinotamba mitambo yese ye chess nema cybercriminals, kwavanobva vachinja maitiro nematurusi uye kuyedza kupaza kusazvibata kwakawanda pamatanho akawanda kamwechete. Izvi zvakajeka kurwiswa kwechikwata umo ma hackers anonyatsoziva maitiro ekuita uye kupokana nezviito zvevadziviriri. Kutarisana navo hakusi kwakaoma chete, asiwo kunodhura zvikuru kumakambani. Semuenzaniso, mumwe wevatengi vedu, mutengesi mukuru wepamhepo, akachengetedza boka revanhu makumi matatu kwemakore anoda kusvika matatu, iro basa raive rekurwisa DDoS kurwiswa.
Sekureva kweVariti, kurwiswa kwakapusa kweDDoS kunoitwa nekuda kwekubhowekana, kutsika-tsika kana kusagutsikana neimwe kambani parizvino inoverengera isingasviki gumi muzana yezvese kurwiswa kweDDoS (zvechokwadi, zviwanikwa zvisina kudzivirirwa zvinogona kuve nehuwandu hwakasiyana, isu tinotarisa kune yedu vatengi data) . Zvimwe zvese ibasa rezvikwata zvehunyanzvi. Zvisinei, zvikamu zvitatu zvezvose "zvakaipa" mabhoti akaoma mabhoti ayo akaoma kuona achishandisa zvigadziriswa zvemazuva ano zvemusika. Vanotevedzera maitiro evashandisi chaivo kana mabhurawuza uye vanounza mapatani anoita kuti zviome kusiyanisa pakati pezvikumbiro "zvakanaka" uye "zvakaipa". Izvi zvinoita kuti kurwiswa kusaonekwe uye nokudaro kunoshanda.
Data kubva kuGlobalDots
Zvitsva zveDDoS zvinangwa
Chirevo kubva kuvaongorori vanobva kuGlobalDots vanoti bots ikozvino inogadzira 50% yewebhu traffic yese, uye 17,5% yavo yakaipa bots.
Mabhoti anoziva nzira yekuparadza hupenyu hwemakambani nenzira dzakasiyana: pamusoro pekuti ivo "vanokanganisa" mawebhusaiti, ivo vari kuitawo mukuwedzera mari yekushambadzira, kudzvanya pane zviziviso, kupatsanura mitengo kuitira kuti vaite sendi shoma uye. kukwezva vatengi, uye kuba zvemukati nekuda kwezvikonzero zvakaipa zvakasiyana (semuenzaniso, isu nguva pfupi yadarika nezvemasayiti ane zvakabiwa izvo zvinomanikidza vashandisi kugadzirisa vamwe vanhu captchas). Mabhoti anokanganisa zvakanyanya huwandu hwebhizinesi hwakasiyana, uye semhedzisiro, sarudzo dzinoitwa zvichibva pane zvisiri izvo data. Kurwiswa kweDDoS kunowanzova chisikisiremu chehutsi hwemhosva dzakakomba dzakadai sekubira uye kuba data. Uye ikozvino tinoona kuti kirasi itsva yese yekutyisidzira kwe cyber yakawedzerwa - uku kukanganisa kwebasa remamwe mabhizinesi maitiro ekambani, kazhinji pasina Indaneti (sezvo munguva yedu hapana chinogona kuva "chisina basa" zvachose). Kunyanya kazhinji tinoona kuti maitiro ekugadzirisa uye kutaurirana nevatengi kuparara.
"Haina kusvitswa"
Logistics bhizinesi maitiro akakosha kumakambani mazhinji, saka anowanzo rwiswa. Heano maitiro ekurwisa anogona kuitika.
Haisipo
Kana iwe ukashanda mukutengeserana kwepamhepo, saka unenge watoziva nezve dambudziko remaodha emanyepo. Kana ichirwiswa, mabhoti anoremedza zviwanikwa zvekushandisa uye anoita kuti zvinhu zvisawanikwe kune vamwe vatengi. Kuti vaite izvi, vanoisa huwandu hukuru hwemaodha emanyepo, akaenzana nehuwandu hwehuwandu hwezvigadzirwa mustock. Zvinhu izvi hazvibhadharwe uye mushure menguva yakati zvinodzoserwa kunzvimbo. Asi chiito chave chatoitwa: vakaiswa chiratidzo se "kunze kwekutengesa", uye vamwe vatengi vatoenda kune vakwikwidzi. Iri zano rinonyatsozivikanwa muindasitiri yematikiti endege, uko mabhoti dzimwe nguva "anotengesa" matikiti ese pakarepo paanongowanikwa. Semuenzaniso, mumwe wevatengi vedu, ndege huru, akatambura nekurwiswa kwakadaro kwakarongwa nevakwikwidzi veChinese. Mumaawa maviri chete, mabhoti avo akarayira 100% yematikiti kune dzimwe nzvimbo.
Sneakers bots
Chiitiko chinotevera chakakurumbira: mabhoti anobva atenga mutsara wese wezvigadzirwa, uye varidzi vazvo vanozvitengesa gare gare nemutengo wakakwirisa (paavhareji 200% markup). Mabhoti akadaro anonzi sneakers bots, nokuti dambudziko iri rinonyatsozivikanwa mufashoni sneaker industry, kunyanya kuunganidza zvishoma. Mabhoti akatenga mitsetse mitsva yaive ichangobva kuoneka mumaminitsi angangoita, uku ichivharira sosi kuitira kuti vashandisi chaivo vasapfuure ipapo. Iyi inyaya isingawanzoiti apo bots yakanyorwa nezvayo mumafashoni anopenya emagazini. Kunyangwe, kazhinji, vatengesi vematiketi ekutonhodza zviitiko zvakaita semitambo yenhabvu vanoshandisa mamiriro akafanana.
Mamwe mascenario
Asi handizvo zvoga. Iko kune yakatonyanya kuoma vhezheni yekurwiswa kwe Logistics, iyo inotyisidzira kurasikirwa kwakanyanya. Izvi zvinogona kuitwa kana sevhisi iine "Payment pakugamuchira zvinhu" sarudzo. Mabhoti anosiya maodha emanyepo ezvigadzirwa zvakadaro, zvichiratidza manyepo kana kero chaidzo dzevanhu vasingafungire. Uye makambani anounza mutengo wakakura wekutakura, kuchengetedza, uye kutsvaga ruzivo. Panguva ino, zvinhu hazviwanikwe kune vamwe vatengi, uye vanotorawo nzvimbo mudura.
Chii chimwe? Mabhoti anosiya hukuru hwekunyepedzera wongororo pamusoro pezvigadzirwa, jam iyo "yekubhadhara kudzoka" basa, kuvharira kutengeserana, kuba data revatengi, spam vatengi chaivo - pane zvakawanda zvingasarudzwa. Muenzaniso wakanaka kurwiswa kwazvino paDHL, Hermes, AldiTalk, Freenet, Snipes.com. Hackers , kuti vari "kuyedza DDoS dziviriro masisitimu," asi pakupedzisira vanoisa pasi bhizinesi rebhizinesi revatengi portal uye ese maAPI. Izvi zvakaita kuti pave nekuvhiringwa kukuru mukuendeswa kwezvinhu kuvatengi.
Fona mangwana
Gore rapfuura, Federal Trade Commission (FTC) yakashuma zvakapetwa kaviri mukunyunyuta kubva kumabhizinesi nevashandisi nezve spam uye hunyengeri hwemafoni bot mafoni. Maererano nekumwe fungidziro, vanosvika mafoni ese.
Sezvakaita DDoS, zvinangwa zveTDoS-hukuru bot kurwisa pamafoni-kubva pa "hoaxes" kusvika kumakwikwi asina kunaka. Mabhoti anogona kuremedza nzvimbo dzekuonana uye kudzivirira vatengi chaivo kuti vasapotsa. Iyi nzira inoshanda kwete chete kune nzvimbo dzekufonera dzine "live" vanoshanda, asiwo uko maAVR masisitimu anoshandiswa. Mabhoti anogona zvakare kurwisa zvakanyanya dzimwe nzira dzekutaurirana nevatengi (chat, maemail), kukanganisa kushanda kweCRM masisitimu uye kunyangwe, kusvika pamwero wakati, kukanganisa manejimendi evashandi, nekuti vanoshanda vakaremerwa vachiedza kubata nedambudziko. Kurwiswa kwacho kunogona zvakare kuwiriraniswa neyakajairwa DDoS kurwisa pane zviwanikwa zvepamhepo zveanobatwa.
Munguva pfupi yapfuura, kurwiswa kwakafanana kwakavhiringidza basa rebasa rokununura muU.SA - vanhuwo zvavo vanoda rubatsiro vakangotadza kupfuura. Panguva imwe cheteyo, Dublin Zoo yakatambura nedambudziko rimwe chete, nevanhu vanosvika zviuru zvishanu vachigamuchira mameseji eSMS ekuvakurudzira kuti vafonere nhamba dzenhare dzeZoo nekuchimbidza kubvunza munhu wenhema.
Pachave pasina Wi-Fi
MaCybercriminals anogona zvakare kuvhara nyore nyore network yese yemakambani. IP blocking inowanzo shandiswa kurwisa DDoS kurwiswa. Asi izvi hazvisi chete zvisingabatsiri, asiwo maitiro ane ngozi zvikuru. Iyo IP kero iri nyore kuwana (semuenzaniso, kuburikidza nekutarisa zviwanikwa) uye nyore kutsiva (kana spoof). Takambove nevatengi vasati vauya kuVariti uko kuvharira chaiyo IP kwakangodzima Wi-Fi mumahofisi avo. Paiva nechiitiko apo mutengi "akatsvedza" neIP yaidiwa, uye akavhara kupinda kune yake sosi kune vashandisi kubva munharaunda yese, uye haana kuona izvi kwenguva yakareba, nekuti zvisizvo iyo sosi yese yakashanda zvakakwana.
Chii chitsva
Kutyisidzira kutsva kunoda mhinduro nyowani dzekuchengetedza. Nekudaro, iyi niche yemusika mutsva ichangotanga kubuda. Kune akawanda mhinduro dzekunyatso dzinga nyore bot kurwisa, asi neakaomarara hazvisi nyore. Mhinduro dzakawanda dzichiri kudzidzira IP blocking matekiniki. Vamwe vanoda nguva yekuunganidza data rekutanga kuti vatange, uye iwo maminetsi gumi kusvika gumi nemashanu anogona kuve munjodzi. Kune zvigadziriso zvakavakirwa pamuchina kudzidza izvo zvinokutendera kuti uone bot nemaitiro ayo. Uye panguva imwecheteyo, mapoka anobva kune "rumwe rutivi" anozvirumbidza kuti atova nemabhoti anogona kutevedzera maitiro chaiwo, asinganzwisisiki kubva kuvanhu. Hazvisati zvajeka kuti ndiani achakunda.
Chii chaunofanira kuita kana iwe uchifanira kubata nehunyanzvi bot zvikwata uye yakaoma, yakawanda-nhanho kurwisa pamatanho akati wandei kamwechete?
Chiitiko chedu chinoratidza kuti unofanirwa kutarisa pakusefa zvikumbiro zvisiri pamutemo pasina kuvhara IP kero. Kurwiswa kwakaoma kweDDoS kunoda kusefa pamatanho akati wandei kamwechete, kusanganisira iyo yekufambisa level, application level, uye API interfaces. Nekuda kweizvi, zvinokwanisika kudzoreredza kunyangwe kuderera-kurwiswa kunowanzo kusingaonekwe uye saka kazhinji kupotsa. Chekupedzisira, vese vashandisi chaivo vanofanirwa kubvumidzwa kuburikidza, kunyangwe kurwiswa kuri kushanda.
Chechipiri, makambani anoda kugona kugadzira avo ega ega ega ega edziviriro masisitimu, ayo, kunze kwezvishandiso zvekudzivirira DDoS kurwiswa, achave akavakirwa-mukati masisitimu ekurwisa hutsotsi, kuba data, kuchengetedzwa kwemukati, zvichingodaro.
Chechitatu, ivo vanofanirwa kushanda munguva chaiyo kubva pachikumbiro chekutanga - kugona kupindura ipapo kune zviitiko zvekuchengetedza kunowedzera zvakanyanya mikana yekudzivirira kurwiswa kana kuderedza simba rayo rekuparadza.
Pedyo neramangwana: mukurumbira manejimendi uye yakakura data kuunganidza uchishandisa bots
Nhoroondo yeDDoS yakabva kune nyore kuenda kune yakaoma. Pakutanga, chinangwa chevapambi chaiva chokumisa nzvimbo yacho kushanda. Ivo zvino vanozviona zvakanyanya kushanda kunanga epakati bhizinesi maitiro.
Iyo sophistication yekurwiswa icharamba ichiwedzera, hazvidzivisiki. Uyezve izvo zvakaipa mabhoti ari kuita iko zvino - kuba data uye kunyepedzera, kupamba, spam - bots inounganidza data kubva kunhamba yakawanda yezvinyorwa (Big Data) uye kugadzira "akasimba" maakaundi ekunyepa ekupesvedzera manejimendi, mukurumbira kana kuwanda phishing.
Parizvino, makambani makuru chete anogona kukwanisa kuisa mari muDDoS uye kuchengetedzwa kwebhoti, asi kunyangwe ivo havagone kugara vachinyatso tarisa uye kusefa traffic inogadzirwa ne bots. Chinhu chimwe chete chakanaka pamusoro pekuti kurwiswa kwebhoti kuri kuwedzera kuoma ndechekuti inosimudzira musika kugadzira yakangwara uye yakanyanya kuchengetedzeka mhinduro.
Iwe unofungei - iyo indasitiri yekudzivirira yebhoti ichavandudza sei uye ndedzipi mhinduro dzinodiwa pamusika izvozvi?
Source: www.habr.com