Kwiminyaka embalwa edlulileyo, ii-arhente zophando kunye nabanikezeli benkonzo yokhuseleko lolwazi baqala ukunika ingxelo inani lohlaselo lweDDoS. Kodwa ngekota yoku-1 ka-2019, abaphandi abafanayo banike ingxelo yabo emangalisayo ngama-84%. Kwaye ke yonke into yahamba ukusuka emandleni ukuya emandleni. Nokuba ubhubhane awuzange ube negalelo kumoya woxolo-ngokwahlukileyo koko, abaphuli-mthetho be-cybercriminals kunye ne-spammers bayithatha njengophawu olubalaseleyo lokuhlasela, kwaye umthamo we-DDoS unyukile. .
Sikholelwa ukuba ixesha lokuhlaselwa kweDDoS olulula, olufunyenwe lula (kunye nezixhobo ezilula ezinokuzithintela) liphelile. Izigebenga ze-Cybercriminal ziye zaba ngcono ekufihleni olu hlaselo kwaye lulwenze ngobuchule obuninzi. Ishishini elimnyama liye lahamba ukusuka kwi-brute force ukuya kwi-application-level attack. Ufumana ii-odolo ezinzulu zokutshabalalisa iinkqubo zoshishino, kuquka nezingekho kwi-intanethi.
Ukuqhekeka kwinyani
Kwi-2017, uchungechunge lwe-DDoS olujoliswe kwiinkonzo zothutho zaseSweden lubangele ixesha elide . Ngo-2019, umqhubi kaloliwe kazwelonke waseDenmark Iinkqubo zokuthengisa zehla. Ngenxa yoko, oomatshini bamatikiti kunye namasango azenzekelayo awazange asebenze kwizikhululo, kwaye abakhweli abangaphezu kwe-15 lamawaka abazange bakwazi ukuhamba. Kananjalo ngo-2019, uhlaselo olunamandla lwe-cyber lubangele ukucima kombane .
Imiphumo yokuhlaselwa kwe-DDoS ngoku ayifumaneki kuphela kubasebenzisi be-intanethi, kodwa nakubantu, njengoko bethetha, i-IRL (kubomi bokwenene). Ngelixa abahlaseli bebejolise kuphela kwiinkonzo ze-intanethi, injongo yabo ngoku ihlala iphazamisa nayiphi na imisebenzi yeshishini. Siqikelela ukuba namhlanje ngaphezu kwe-60% yohlaselo lunenjongo enjalo - ukuphanga okanye ukhuphiswano olungalunganga. Iintengiselwano kunye nolungiselelo lusemngciphekweni ngakumbi.
Ikrelekrele kwaye ibiza kakhulu
I-DDoS isaqhubeka ithathwa njengenye yezona ntlobo zixhaphakileyo nezikhula ngokukhawuleza zolwaphulo-mthetho kwi-intanethi. Ngokutsho kweengcali, ukususela ngo-2020 inani labo liya kwanda kuphela. Oku kunxulunyaniswa nezizathu ezahlukeneyo- kunye notshintsho olukhulu ngakumbi lweshishini kwi-Intanethi ngenxa yobhubhane, kunye nophuhliso lweshishini lesithunzi lolwaphulo-mthetho lwe-cyber, kunye no. .
Uhlaselo lwe-DDoS lwaba "ludumo" ngaxeshanye ngenxa yokulula kwabo ukuthunyelwa kunye neendleko eziphantsi: kwiminyaka embalwa edlulileyo banokusungulwa nge-$ 50 ngosuku. Namhlanje, zombini iithagethi kunye neendlela zitshintshile, zandisa ubunzima bazo kwaye, ngenxa yoko, iindleko. Hayi, amaxabiso avela kwi-5 yeedola ngeyure asekho kuluhlu lwamaxabiso (ewe, abaphuli be-intanethi banoluhlu lwamaxabiso kunye neeshedyuli zeerhafu), kodwa kwiwebhusayithi ekhuselekileyo sele ifuna i-$ 400 ngosuku, kunye neendleko ze-odolo "zomntu ngamnye" kwiinkampani ezinkulu. ifikelela kumawaka aliqela eerandi.
Okwangoku kukho iindidi ezimbini eziphambili zohlaselo lwe-DDoS. Injongo yokuqala kukwenza isixhobo esikwi-intanethi singafumaneki kangangexesha elithile. Abahlaseli bayawahlawulisa ngexesha lohlaselo ngokwalo. Kule meko, umqhubi we-DDoS akanandaba naso nasiphi na isiphumo esithile, kwaye umxhasi ngokwenene uhlawula kwangaphambili ukuqalisa uhlaselo. Iindlela ezinjalo zitshiphu kakhulu.
Uhlobo lwesibini luhlaselo oluhlawulwa kuphela xa umphumo othile ufunyenwe. Inomdla ngakumbi kunye nabo. Kunzima kakhulu ukuphumeza kwaye ke kuyabiza kakhulu, kuba abahlaseli kufuneka bakhethe ezona ndlela zisebenzayo ukufezekisa iinjongo zabo. Kwi-Variti, ngamanye amaxesha sidlala yonke imidlalo ye-chess kunye nolwaphulo-mthetho lwe-cyber, apho batshintsha ngoko nangoko amaqhinga kunye nezixhobo kwaye bazame ukungena kubuthathaka obuninzi kumanqanaba amaninzi ngexesha elinye. Ezi zihlaselo zeqela ngokucacileyo apho abahlaseli bayazi kakuhle indlela yokusabela kunye nokuchasana nezenzo zabakhuseli. Ukujongana nabo akunzima nje kuphela, kodwa kubiza kakhulu kwiinkampani. Ngokomzekelo, omnye wabathengi bethu, umthengisi omkhulu we-intanethi, wagcina iqela labantu abangama-30 phantse iminyaka emithathu, umsebenzi wabo wawukulwa nokuhlaselwa kweDDoS.
Ngokutsho kweVariti, uhlaselo olulula lwe-DDoS lwenziwa ngenxa yokukruquka, ukunyathela okanye ukunganeliseki kwinkampani ethile okwangoku i-akhawunti engaphantsi kwe-10% yazo zonke izihlaselo ze-DDoS (ewe, izixhobo ezingakhuselekanga zinokuba nezibalo ezahlukeneyo, sijonga idatha yethu yabathengi) . Yonke enye into ingumsebenzi wamaqela aqeqeshiweyo. Nangona kunjalo, iikota ezintathu zazo zonke iibhothi "ezimbi" ziyi-bots eziyinkimbinkimbi ekunzima ukuzibona zisebenzisa izisombululo ezininzi zeemarike zanamhlanje. Baxelisa ukuziphatha kwabasebenzisi bokwenyani okanye iiphequluli kwaye bazise iipateni ezenza kube nzima ukwahlula phakathi kwezicelo "ezilungileyo" kunye "ezimbi". Oku kwenza ukuba uhlaselo lungabonakali kwaye lusebenze ngakumbi.
Idatha evela kwi-GlobalDots
Iithagethi zeDDoS ezintsha
Ingxelo ukusuka kubahlalutyi abavela kwi-GlobalDots ithi i-bots ngoku ivelisa i-50% yazo zonke i-traffic web, kwaye i-17,5% yazo i-bots enobungozi.
Iibhothi ziyayazi indlela yokonakalisa ubomi beenkampani ngeendlela ezahlukeneyo: ukongeza kwinto yokuba "ziyantlitheka" iiwebhusayithi, ngoku zibandakanyeka ekwandiseni iindleko zentengiso, ukucofa iintengiso, ukucazulula amaxabiso ukuze babenze imali encinci kwaye. Ukurhwebesha abathengi, kwaye ube umxholo ngeenjongo ezahlukeneyo ezimbi (umzekelo, kutshanje malunga neesayithi ezinomxholo obiweyo onyanzelisa abasebenzisi ukuba basombulule i-captchas yabanye abantu). Iibhothi zigqwetha kakhulu izibalo ezahlukeneyo zoshishino, kwaye ngenxa yoko, izigqibo zenziwe ngokusekelwe kwidatha engalunganga. Uhlaselo lwe-DDoS luhlala lusisikhuselo somsi kulwaphulo-mthetho olubi ngakumbi olunjengokugqekeza kunye nokubiwa kwedatha. Kwaye ngoku siyabona ukuba iklasi entsha yezoyikiso ze-cyber zongezwa - oku kukuphazamiseka komsebenzi weenkqubo ezithile zoshishino zenkampani, zihlala zingekho kwi-intanethi (ekubeni kwixesha lethu akukho nto inokuthi "i-intanethi" ngokupheleleyo). Ngokukodwa kaninzi sibona ukuba iinkqubo zenkqubo kunye nonxibelelwano kunye nabathengi baphula.
"Ayiziswanga"
Iinkqubo zoshishino lweLogistics zingundoqo kwiinkampani ezininzi, ngoko zihlala zihlaselwa. Nazi iimeko zokuhlasela ezinokubakho.
Ayifumaneki
Ukuba usebenza kurhwebo lwe-intanethi, mhlawumbi sele uqhelene nengxaki yee-odolo zobuxoki. Xa zihlaselwa, ii-bots zilayisha kakhulu izixhobo zokusebenza kwaye zenze iimpahla zingafumaneki kwabanye abathengi. Ukwenza oku, babeka inani elikhulu lee-odolo zobuxoki, ezilingana nenani eliphezulu leemveliso kwisitokhwe. Ezi mpahla ke azihlawulwa kwaye emva kwexesha elithile zibuyiselwa kwisiza. Kodwa isenzo sele senziwe: baphawulwe ngokuthi "ngaphandle kwempahla", kwaye abanye abathengi sele beye kukhuphiswano. Eli qhinga laziwa kakhulu kwishishini lamatikiti eenqwelomoya, apho ii-bots ngamanye amaxesha "zithengisa" onke amatikiti ngokukhawuleza nje ukuba afumaneke. Ngokomzekelo, omnye wabathengi bethu, inqwelomoya enkulu, wabandezeleka kuhlaselo olunjalo oluququzelelwe ngabakhuphisana baseTshayina. Kwiiyure nje ezimbini, iibhothi zabo zayalela i-100% yamatikiti kwiindawo ezithile.
Iibhothi ze-sneakers
Imeko elandelayo eyaziwayo: iibhothi zithenga ngokukhawuleza umgca opheleleyo weemveliso, kwaye abanini bazo bathengisa kamva ngexabiso eliphakamileyo (ngokwe-avareji ye-200% markup). Iibhothi ezinjalo zibizwa ngokuba yi-sneakers bots, kuba le ngxaki iyaziwa kwi-fashion sneaker industry, ngokukodwa ukuqokelela okulinganiselwe. I-Bots ithenge imigca emitsha ebisanda kuvela phantse kwimizuzu, ngelixa ivimba uvimba ukuze abasebenzisi bokwenyani bangakwazi ukudlula apho. Le yimeko enqabileyo xa i-bots yabhalwa malunga neemagazini ezifake imfashini. Nangona, ngokubanzi, abathengisi bamatikiti kwimisitho epholileyo efana nemidlalo yebhola ekhatywayo basebenzisa imeko efanayo.
Ezinye iimeko
Kodwa akuphelelanga apho. Kukho inguqulelo entsonkothileyo ngakumbi yohlaselo kulungiselelo, olusongela ilahleko enkulu. Oku kunokwenziwa ukuba inkonzo inenketho ethi "Intlawulo xa kufunyenwe iimpahla". Iibhothi zishiya ii-odolo ezingeyonyani zeempahla ezinjalo, ezibonisa umgunyathi okanye needilesi zokwenyani zabantu abangalindelanga. Kwaye iinkampani zenza iindleko ezinkulu zokuhanjiswa, ukugcinwa, kunye nokufumana iinkcukacha. Ngeli xesha, iimpahla azifumaneki kwabanye abathengi, kwaye bathatha indawo kwindawo yokugcina impahla.
Yintoni enye? Iibhothi zishiya uphononongo olubi olungelulo malunga neemveliso, i-jam "imbuyekezo yentlawulo" umsebenzi, ukuthintela ukuthengiselana, ukubiwa kwedatha yabathengi, ugaxekile abathengi bokwenyani - kukho iindlela ezininzi onokukhetha kuzo. Umzekelo omhle kuhlaselo lwakutsha nje kwi-DHL, iHermes, iAldiTalk, iFreenet, iSnipes.com. IiHackers , ukuba "bavavanya iinkqubo zokukhusela i-DDoS," kodwa ekugqibeleni babeka i-portal yenkampani yomthengi weshishini kunye nazo zonke ii-API. Ngenxa yoko, kubekho ukuphazamiseka okukhulu ekuhanjisweni kwempahla kubathengi.
Fowuna ngomso
Kunyaka ophelileyo, i-Federal Trade Commission (FTC) ibike ngokuphindwe kabini kwizikhalazo ezivela kumashishini kunye nabasebenzisi malunga ne-spam kunye neefowuni ze-bot zobuqhetseba. Ngokutsho kolunye uqikelelo, ziyalingana zonke iifowuni.
Njenge-DDoS, iinjongo ze-TDoS-i-bot enkulu yokuhlaselwa kweefowuni-isuka kwi-"hoaxes" ukuya kukhuphiswano olungenangqiqo. Iibhothi zinokulayisha ngaphezulu kwamaziko onxibelelwano kwaye zithintele abathengi bokwenyani ukuba bangaphoswa. Le ndlela ayisebenzi kuphela kumaziko ocingo anabaqhubi "abaphilayo", kodwa nalapho kusetyenziswa iinkqubo ze-AVR. Iibhothi zinokuhlasela kakhulu amanye amajelo onxibelelwano nabathengi (incoko, ii-imeyile), iphazamise ukusebenza kweenkqubo zeCRM kwaye, ukuya kuthi ga kumlinganiselo othile, ichaphazele kakubi ulawulo lwabasebenzi, kuba abaqhubi bagcwele kakhulu bezama ukumelana nale ngxaki. Uhlaselo lunokudityaniswa nohlaselo lwesiqhelo lweDDoS kwizixhobo ze-intanethi zexhoba.
Kutshanje, uhlaselo olufanayo luye lwaphazamisa umsebenzi wenkonzo yokuhlangula e-USA - abantu abaqhelekileyo abafuna uncedo ngokukhawuleza abakwazanga ukudlula. Kwangelo xesha linye, iDublin Zoo yafumana ishwangusha elifanayo, ubuncinci abantu abangama-5000 abafumana imiyalezo ye-sms yesms ebakhuthaza ukuba bafowunele ngokukhawuleza inombolo yefowuni yezoo kwaye bacele umntu oyintsomi.
Akuyi kubakho Wi-Fi
Izigebenga ze-Cybercriminal nazo zinokuvala ngokulula inethiwekhi yeshishini lonke. Ukuvalwa kwe-IP kudla ngokusetyenziswa ukulwa nokuhlaselwa kweDDoS. Kodwa oku akusebenzi nje kuphela, kodwa kunye nokusebenza kuyingozi kakhulu. Idilesi ye-IP kulula ukuyifumana (umzekelo, ngokujongwa kwezixhobo) kwaye kulula ukuyibuyisela (okanye i-spoof). Siye saba nabathengi ngaphambi kokuba beze eVariti apho bevala i-IP ethile bacima i-Wi-Fi kwiiofisi zabo. Kwakukho imeko xa umxhasi "etyibilika" nge-IP efunekayo, kwaye wavala ukufikelela kumthombo wakhe kubasebenzisi abavela kummandla wonke, kwaye akazange aqaphele oku ixesha elide, kuba ngaphandle koko yonke into isebenze ngokugqibeleleyo.
Yintoni entsha?
Izisongelo ezintsha zifuna izisombululo ezitsha zokhuseleko. Nangona kunjalo, le niche entsha yentengiso isaqala ukuvela. Zininzi izisombululo zokugxotha ngempumelelo uhlaselo lwe-bot olulula, kodwa ngezinto ezinzima akulula kangako. Izisombululo ezininzi zisaqhuba iindlela zokuthintela i-IP. Abanye bafuna ixesha lokuqokelela idatha yokuqala ukuze baqalise, kwaye loo mizuzu eyi-10-15 ingaba sesichengeni. Kukho izisombululo ezisekelwe kumatshini wokufunda okuvumela ukuba uchonge ibhot ngokuziphatha kwayo. Kwaye ngelo xesha, amaqela avela kwelinye icala aqhayisa ukuba sele sele eneebhothi ezinokuxelisa iipatheni zangempela, ezingabonakaliyo kubantu. Akukacaci ukuba ngubani oza kuphumelela.
Yintoni onokuyenza ukuba kufuneka ujongane namaqela e-bot yobuchwephesha kunye nohlaselo olunzima, lwamanqanaba amaninzi kumanqanaba aliqela ngaxeshanye?
Amava ethu abonisa ukuba kufuneka ugxininise ekuhlungeni izicelo ezingekho mthethweni ngaphandle kokuthintela iidilesi ze-IP. Uhlaselo oluntsonkothileyo lweDDoS lufuna ukuhluzwa kumanqanaba amaninzi ngexesha elinye, kubandakanywa inqanaba lezothutho, inqanaba lesicelo, kunye ne-API interfaces. Ndiyabulela kule nto, kunokwenzeka ukugxotha nokuhlaselwa okuphantsi kwe-frequency ehlala ingabonakali kwaye ngoko ihlala iphosakele. Okokugqibela, bonke abasebenzisi bokwenyani kufuneka bavunyelwe, nangona uhlaselo lusebenza.
Okwesibini, iinkampani zidinga amandla okudala iinkqubo zabo zokukhusela izigaba ezininzi, ezo, ngaphezu kwezixhobo zokuthintela ukuhlaselwa kwe-DDoS, ziya kuba neenkqubo ezakhelweyo ezichasene nobuqhetseba, ukubiwa kwedatha, ukukhuselwa komxholo, njalo njalo.
Okwesithathu, kufuneka basebenze ngexesha langempela ukusuka kwisicelo sokuqala - ukukwazi ukuphendula ngokukhawuleza kwiziganeko zokhuseleko kwandisa kakhulu amathuba okuthintela ukuhlaselwa okanye ukunciphisa amandla ayo okutshabalalisa.
Kungekudala: ulawulo lodumo kunye nokuqokelela idatha enkulu usebenzisa i-bots
Imbali ye-DDoS iye yavela ukusuka kokulula ukuya kubunzima. Ekuqaleni, injongo yabahlaseli yayikukunqanda isiza singasebenzi. Ngoku bakufumanisa kusebenza ngakumbi ukujolisa kwiinkqubo ezingundoqo zoshishino.
Ubuchwephesha bokuhlaselwa buya kuqhubeka ukwanda, akunakuphepheka. Kwaye yintoni i-bots embi eyenzayo ngoku - ubusela bedatha kunye nobuxoki, ukuphanga, i-spam - i-bots iya kuqokelela idatha kwinani elikhulu lemithombo (iDatha enkulu) kwaye yenze "i-robust" i-akhawunti yomgunyathi yokulawula impembelelo, isithunzi okanye i-phishing enkulu.
Okwangoku, kuphela iinkampani ezinkulu ezinokukwazi ukutyalomali kwi-DDoS kunye nokukhuselwa kwe-bot, kodwa azikwazi ukuhlala zibeke iliso ngokupheleleyo kwaye zihluze i-traffic eyenziwa yi-bots. Ekuphela kwento entle malunga nokuba uhlaselo lwe-bot luba nzima ngakumbi kukuba ivuselela intengiso ukwenza izisombululo zokhuseleko ezikrelekrele neziphambili.
Ucinga ntoni - imboni yokukhusela i-bot iya kuphuhlisa njani kwaye zeziphi izisombululo ezifunekayo kwimarike ngoku?
umthombo: www.habr.com
