Eminyakeni embalwa edlule, izikhungo zocwaningo kanye nabahlinzeki bezinsizakalo zokuphepha kolwazi baqala ukubika inombolo yokuhlaselwa kwe-DDoS. Kepha ngekota yokuqala ka-1, abacwaningi abafanayo babike okumangazayo kwabo ngo-84%. Futhi konke kwahamba kusukela emandleni kuya emandleni. Ngisho nobhubhane aluzange lube nomthelela emkhathini wokuthula - ngokuphambene nalokho, izigebengu ze-cyber kanye nogaxekile babheka lokhu njengophawu oluhle kakhulu lokuhlasela, futhi ivolumu ye-DDoS yanda. .
Sikholelwa ukuthi isikhathi sokuhlaselwa kwe-DDoS okulula, okutholakala kalula (namathuluzi alula angakwazi ukukuvimba) sesiphelile. Izigebengu ze-Cybercriminal ziye zaba ngcono ekufihleni lokhu kuhlasela futhi zikwenze ngobuchule obukhulayo. Imboni emnyama isisukile ekubeni yisihluku kuya ekuhlaselweni kwezinga lezicelo. Uthola imiyalo enzima yokucekela phansi izinqubo zebhizinisi, kuhlanganise nalezo ezingaxhunyiwe ku-inthanethi.
Ukugqekeza eqinisweni
Ngo-2017, uchungechunge lokuhlaselwa kwe-DDoS okuqondiswe kwezinsizakalo zokuthutha zaseSweden kuholele ekutheni kube isikhathi eside . Ngo-2019, opharetha wesitimela kazwelonke waseDenmark Amasistimu okuthengisa ehlile. Ngenxa yalokho, imishini yamathikithi namasango azenzakalelayo awazange asebenze eziteshini, futhi abagibeli abangaphezu kwezinkulungwane ezingu-15 abakwazanga ukuhamba. Futhi ngo-2019, ukuhlasela kwe-cyber okunamandla kwabangela ukunqamuka kukagesi .
Imiphumela yokuhlaselwa kwe-DDoS manje ayitholakali kuphela kubasebenzisi be-intanethi, kodwa futhi ngabantu, njengoba besho, i-IRL (empilweni yangempela). Nakuba abahlaseli ngokomlando bebeqondise kuphela izinsiza ze-inthanethi, umgomo wabo manje uwukuphazamisa noma yikuphi ukusebenza kwebhizinisi. Silinganisela ukuthi namuhla ngaphezu kwamaphesenti angu-60 okuhlasela kunenjongo enjalo - yokuqola noma ukuncintisana okungafanele. Okwenziwayo kanye nokusetshenziswa kusengozini kakhulu.
Ihlakaniphile futhi ibiza kakhulu
I-DDoS isaqhubeka nokubhekwa njengenye yezinhlobo ezivame kakhulu nezikhula ngokushesha zobugebengu be-inthanethi. Ngokusho kochwepheshe, kusukela ngo-2020 isibalo sabo sizokhula kuphela. Lokhu kuhlotshaniswa nezizathu ezahlukahlukene - ngokushintsha okukhulu kwebhizinisi ku-inthanethi ngenxa yalolu bhubhane, kanye nokuthuthukiswa kwemboni yesithunzi yobugebengu bamakhompiyutha, ngisho .
Ukuhlasela kwe-DDoS “kwaduma” ngesinye isikhathi ngenxa yokusebenziseka kalula kanye nezindleko eziphansi: eminyakeni embalwa edlule kwakungase kwethulwe ngamadola angama-50 ngosuku. Namuhla, kokubili okuhlosiwe nezindlela zokuhlasela kushintshile, okwandisa ubunzima babo futhi, ngenxa yalokho, izindleko. Cha, izintengo ezisuka ku-$5 ngehora zisesohlwini lwamanani (yebo, izigebengu ze-inthanethi zinezinhlu zamanani namashejuli entela), kodwa kuwebhusayithi enesivikelo sezivele zifuna ku-$400 ngosuku, kanye nezindleko zama-oda “ngawodwa” ezinkampanini ezinkulu. ifinyelela ezinkulungwaneni ezimbalwa zamadola.
Okwamanje kunezinhlobo ezimbili eziyinhloko zokuhlaselwa kwe-DDoS. Umgomo wokuqala ukwenza insiza eku-inthanethi ingatholakali isikhathi esithile. Abahlaseli babakhokhise ngesikhathi sokuhlasela uqobo. Kulokhu, opharetha we-DDoS akanandaba nanoma yimuphi umphumela othize, futhi iklayenti empeleni likhokha kusengaphambili ukuze liqalise ukuhlasela. Izindlela ezinjalo zishibhile impela.
Uhlobo lwesibili ukuhlaselwa okukhokhelwa kuphela uma umphumela othile ufinyelelwa. Kuyathakazelisa kakhulu ngabo. Zinzima kakhulu ukuzisebenzisa futhi ngenxa yalokho zibiza kakhulu, njengoba abahlaseli kufanele bakhethe izindlela eziphumelela kakhulu ukufeza izinhloso zabo. E-Variti, kwesinye isikhathi sidlala yonke imidlalo ye-chess nezigebengu ze-inthanethi, lapho zishintsha khona amasu namathuluzi bese zizama ukungena ebuthakathakeni obuningi kumaleveli amaningi ngesikhathi esisodwa. Lokhu ukuhlasela kweqembu ngokusobala lapho abaduni bazi kahle ukuthi kufanele benze kanjani futhi baphikisane nezenzo zabadlali basemuva. Ukubhekana nabo akunzima nje kuphela, kodwa futhi kubiza kakhulu ezinkampanini. Isibonelo, elinye lamakhasimende ethu, umthengisi omkhulu we-inthanethi, wagcina ithimba labantu abangu-30 cishe iminyaka emithathu, umsebenzi wabo kwakuwukulwa nokuhlaselwa kwe-DDoS.
Ngokusho kwe-Variti, ukuhlaselwa okulula kwe-DDoS okwenziwa ngenxa yesithukuthezi, ukunyathela noma ukunganeliseki ngenkampani ethile okwamanje kubiza ngaphansi kwe-10% yakho konke ukuhlaselwa kwe-DDoS (Yebo, izinsiza ezingavikelekile zingaba nezibalo ezihlukene, sibheka idatha yamakhasimende ethu) . Konke okunye kuwumsebenzi wamaqembu ochwepheshe. Kodwa-ke, izingxenye ezintathu kwezine zazo zonke i-bots "ezimbi" ziyi-bot eziyinkimbinkimbi okunzima ukuzibona zisebenzisa izixazululo eziningi zemakethe zanamuhla. Balingisa ukuziphatha kwabasebenzisi bangempela noma iziphequluli futhi bethule amaphethini akwenza kube nzima ukuhlukanisa phakathi kwezicelo “ezinhle” kanye “nezimbi”. Lokhu kwenza ukuhlasela kungabonakali futhi ngakho-ke kuphumelele kakhulu.
Idatha evela ku-GlobalDots
Okuhlosiwe okusha kwe-DDoS
Bika kusuka kubahlaziyi abavela ku-GlobalDots ithi ama-bots manje akhiqiza u-50% wayo yonke ithrafikhi yewebhu, futhi u-17,5% wawo ama-bot anonya.
Amabhothi ayakwazi ukucekela phansi izimpilo zezinkampani ngezindlela ezahlukene: ngaphezu kweqiniso lokuthi "aphahlazeka" amawebhusayithi, manje aphinde abambe iqhaza ekwandiseni izindleko zokukhangisa, ngokuchofoza izikhangiso, ukuhlaziya amanani ukuze abenze imali encane futhi. ukuyenga abathengi, futhi untshontshe okuqukethwe ngezinjongo ezimbi ezahlukahlukene (isibonelo, thina kamuva nje mayelana namasayithi anokuqukethwe okuntshontshiwe okuphoqa abasebenzisi ukuthi baxazulule ama-captchas abanye abantu). Amabhothi ahlanekezela kakhulu izibalo zebhizinisi ezihlukahlukene, futhi ngenxa yalokho, izinqumo zenziwa ngokusekelwe kudatha engalungile. Ukuhlasela kwe-DDoS kuvame ukuba isikrini somusi samacala abucayi kakhulu njengokugebenga kanye nokwebiwa kwedatha. Futhi manje siyabona ukuthi isigaba esisha sezinsongo ze-cyber sengeziwe - lokhu kungukuphazamiseka komsebenzi wezinqubo ezithile zebhizinisi zenkampani, ngokuvamile ungaxhunyiwe ku-inthanethi (njengoba esikhathini sethu akukho "okungaxhunywanga" ngokuphelele). Ikakhulukazi ngokuvamile sibona ukuthi izinqubo ze-logistics kanye nokuxhumana namakhasimende kuyaphuka.
"Akulethiwe"
Izinqubo zebhizinisi Logistics zibalulekile ezinkampanini eziningi, ngakho-ke zivame ukuhlaselwa. Nazi izimo zokuhlasela ezingaba khona.
Akutholakali
Uma usebenza kwezohwebo eziku-inthanethi, cishe usuvele ujwayelene nenkinga yama-oda mbumbulu. Uma ihlaselwa, ama-bots alayisha ngokweqile izinsiza zezokuthutha futhi enze izimpahla zingatholakali kwabanye abathengi. Ukuze benze lokhu, babeka inani elikhulu lama-oda mbumbulu, elilingana nenani eliphakeme lemikhiqizo esitokweni. Lezi zimpahla azikhokhwa futhi emva kwesikhathi esithile zibuyiselwa endaweni. Kodwa isenzo sesivele senziwe: zaphawulwa ngokuthi "ziphelile", futhi abanye abathengi sebevele baye kwabancintisana nabo. Leli qhinga laziwa kakhulu embonini yamathikithi endiza, lapho ama-bot kwesinye isikhathi “athengisa” wonke amathikithi ngokushesha nje lapho etholakala. Isibonelo, elinye lamakhasimende ethu, inkampani enkulu yezindiza, yahlaselwa ukuhlaselwa okunjalo okuhlelwe izimbangi zaseShayina. Emahoreni amabili nje kuphela, ama-bots abo a-ode u-100% wamathikithi ezindaweni ezithile.
Amabhothi ama-sneaker
Isimo esilandelayo esidumile: ama-bots athenga ngokushesha umugqa wonke wemikhiqizo, futhi abanikazi bawo bayayithengisa kamuva ngentengo ekhuphukayo (ngokwesilinganiso i-markup engu-200%). Amabhothi anjalo abizwa ngokuthi ama-sneakers bots, ngoba le nkinga yaziwa kakhulu embonini ye-fashion sneaker, ikakhulukazi amaqoqo alinganiselwe. Amabhothi athenge imigqa emisha esanda kuvela cishe emaminithini, ngenkathi ivimba insiza ukuze abasebenzisi bangempela bangakwazi ukudlula lapho. Lesi yisimo esingajwayelekile lapho ama-bots ebhalwa ngawo kumamagazini anemfashini acwebezelayo. Nakuba, ngokuvamile, abathengisi bamathikithi okupholisa imicimbi efana nemidlalo yebhola basebenzisa isimo esifanayo.
Ezinye izimo
Kodwa akugcini lapho. Kukhona inguqulo eyinkimbinkimbi nakakhulu yokuhlaselwa kwempahla, esongela ukulahlekelwa okukhulu. Lokhu kungenziwa uma isevisi inenketho "Yokukhokha lapho kwamukelwe izimpahla". Amabhothi ashiya ama-oda omgunyathi ezimpahla ezinjalo, ekhombisa amakheli omgunyathi noma angempela abantu abangaqaphile. Futhi izinkampani zithola izindleko ezinkulu zokulethwa, ukugcinwa, kanye nokuthola imininingwane. Ngalesi sikhathi, izimpahla azitholakali kwamanye amakhasimende, futhi zithatha indawo endaweni yokugcina impahla.
Yini enye? Amabhothi ashiya ukubuyekezwa okungalungile okungalungile mayelana nemikhiqizo, agxilise umsebenzi "wokubuyisela inkokhelo", ukuvimbela ukuthengiselana, ukuntshontsha idatha yamakhasimende, amakhasimende angempela agaxekile - kunezinketho eziningi. Isibonelo esihle ukuhlasela kwakamuva kwe-DHL, i-Hermes, i-AldiTalk, i-Freenet, i-Snipes.com. Abaduni , ukuthi "bahlola izinhlelo zokuvikela i-DDoS," kodwa ekugcineni babeka phansi ingosi yeklayenti lebhizinisi lenkampani kanye nawo wonke ama-API. Ngenxa yalokho, kube nokuphazamiseka okukhulu ekuhanjisweni kwezimpahla kumakhasimende.
Shayela kusasa
Ngonyaka odlule, i-Federal Trade Commission (FTC) ibike ukuphindaphindeka kwezikhalazo ezivela kumabhizinisi nabasebenzisi mayelana nogaxekile kanye nezingcingo ze-bot zomgunyathi. Ngokwezinye izilinganiso, zilingana zonke izingcingo.
Njenge-DDoS, izinhloso ze-TDoS—ukuhlasela kwe-bot okukhulu kumafoni—kusukela “kumaqhinga” kuye emqhudelwaneni ongenanembeza. Amabhothi angalayisha kakhulu izikhungo zokuxhumana futhi avimbele amakhasimende wangempela ukuthi angaphuthelwa. Le ndlela ayisebenzi kuphela ezikhungweni zezingcingo ezinama-opharetha "bukhoma", kodwa nalapho kusetshenziswa khona izinhlelo ze-AVR. Amabhothi angaphinde ahlasele kakhulu ezinye iziteshi zokuxhumana namakhasimende (ingxoxo, ama-imeyili), aphazamise ukusebenza kwezinhlelo ze-CRM futhi, ngokwezinga elithile, athinte kabi ukuphathwa kwabasebenzi, ngoba opharetha bagcwele ngokweqile bezama ukubhekana nale nkinga. Ukuhlasela kungavunyelaniswa nokuhlaselwa kwe-DDoS okungokwesiko ezinsizeni ze-inthanethi zesisulu.
Muva nje, ukuhlasela okufanayo kuphazamise umsebenzi wezokutakula e-USA - abantu abajwayelekile abadinga usizo abakwazanga ukudlula. Ngaso leso sikhathi, i-Dublin Zoo yabhekana nesiphetho esifanayo, okungenani abantu abangu-5000 bethola imilayezo ye-SMS yogaxekile ebakhuthaza ukuthi bashayele ngokushesha inombolo yocingo ye-zoo bacele umuntu oyinganekwane.
Ngeke ibe khona i-Wi-Fi
Izigebengu ze-Cybercriminal zingavimbela kalula yonke inethiwekhi yezinkampani. Ukuvinjwa kwe-IP kuvame ukusetshenziselwa ukulwa nokuhlaselwa kwe-DDoS. Kodwa lokhu akusebenzi nje kuphela, kodwa futhi umkhuba oyingozi kakhulu. Ikheli lasesizindeni se-inthanethi litholakala kalula (ngokwesibonelo, ngokugadwa kwensiza) futhi kulula ukulishintsha (noma i-spoof). Sike saba namakhasimende ngaphambi kokuza e-Variti lapho ukuvimba i-IP ethile kuvele kwacisha i-Wi-Fi emahhovisi awo. Kwakukhona icala lapho iklayenti "ishelela" nge-IP edingekayo, futhi ivimbele ukufinyelela kumthombo wayo kubasebenzisi abavela kuso sonke isifunda, futhi ayizange ikubone lokhu isikhathi eside, ngoba ngaphandle kwalokho yonke insiza isebenze kahle.
Yini okusha
Izinsongo ezintsha zidinga izixazululo ezintsha zokuphepha. Kodwa-ke, le niche entsha yemakethe isiqala ukuvela. Kunezixazululo eziningi zokuxosha ngempumelelo ukuhlaselwa kwe-bot okulula, kodwa ngeziyinkimbinkimbi akulula kangako. Izixazululo eziningi zisasebenzisa amasu okuvimbela i-IP. Abanye badinga isikhathi sokuqoqa idatha yokuqala ukuze baqalise, futhi leyo mizuzu eyi-10-15 ingaba sengozini. Kunezixazululo ezisekelwe ekufundeni komshini ezikuvumela ukuthi ubone i-bot ngokuziphatha kwayo. Futhi ngesikhathi esifanayo, amaqembu avela ohlangothini "olunye" aziqhayisa ngokuthi asevele ephethe ama-bots angakwazi ukulingisa amaphethini wangempela, angenakuhlukaniswa nabantu. Akukacaci ukuthi ubani ozowina.
Yini okufanele uyenze uma kufanele ubhekane namaqembu e-bot ochwepheshe kanye nokuhlaselwa okuyinkimbinkimbi, okunezigaba eziningi emazingeni amaningana ngesikhathi esisodwa?
Okuhlangenwe nakho kwethu kubonisa ukuthi udinga ukugxila ekuhlungeni izicelo ezingekho emthethweni ngaphandle kokuvimbela amakheli e-IP. Ukuhlaselwa kwe-DDoS okuyinkimbinkimbi kudinga ukuhlunga kumazinga amaningana ngesikhathi esisodwa, okuhlanganisa izinga lezokuthutha, ileveli yohlelo lokusebenza, nezixhumi ezibonakalayo ze-API. Ngenxa yalokhu, kungenzeka ukuxosha ngisho nokuhlaselwa kwe-low-frequency ngokuvamile okungabonakali ngakho-ke kuvame ukuphuthelwa. Okokugcina, bonke abasebenzisi bangempela kufanele bavunyelwe badlule, noma ngabe ukuhlasela kusasebenza.
Okwesibili, izinkampani zidinga ikhono lokudala izinhlelo zabo zokuvikela izigaba eziningi, okuthi, ngaphezu kwamathuluzi okuvimbela ukuhlaselwa kwe-DDoS, zizoba nezinhlelo ezakhelwe ngaphakathi ngokumelene nokukhwabanisa, ukwebiwa kwedatha, ukuvikelwa kokuqukethwe, njalonjalo.
Okwesithathu, kumele basebenze ngesikhathi sangempela kusukela esicelweni sokuqala - ikhono lokuphendula ngokushesha izehlakalo zokuphepha kwandisa kakhulu amathuba okuvimbela ukuhlasela noma ukunciphisa amandla ako okubhubhisa.
Esikhathini esizayo esiseduze: ukuphathwa kwesithunzi nokuqoqwa kwedatha enkulu kusetshenziswa i-bots
Umlando we-DDoS ushintshile ukusuka kokulula kuya kokuyinkimbinkimbi. Ekuqaleni, umgomo wabahlaseli kwakuwukumisa isiza ukuba singasebenzi. Manje sebekuthola kusebenza kahle kakhulu ukukhomba izinqubo zebhizinisi eziwumongo.
Ubunkimbinkimbi bokuhlaselwa buzoqhubeka nokwanda, akunakugwenywa. Kanye nalokho okwenziwa ama-bot amabi manje - ukwebiwa kwedatha nokuqamba amanga, ukukhwabanisa, ugaxekile - ama-bot azoqoqa idatha evela enanini elikhulu lemithombo (Idatha Enkulu) futhi adale ama-akhawunti mbumbulu "aqinile" okuphatha ithonya, isithunzi noma ubugebengu bokweba imininingwane ebucayi.
Njengamanje, izinkampani ezinkulu kuphela ezingakwazi ukutshala imali ku-DDoS nokuvikelwa kwe-bot, kodwa ngisho azikwazi njalo ukuqapha ngokugcwele nokuhlunga ithrafikhi ekhiqizwa ama-bots. Okuwukuphela kwento enhle mayelana neqiniso lokuthi ukuhlaselwa kwe-bot kuya kuba nzima kakhulu ukuthi ikhuthaza imakethe ukudala izixazululo zokuphepha ezihlakaniphile nezithuthuke kakhulu.
Ucabangani - imboni yokuvikela i-bot izothuthuka kanjani futhi yiziphi izixazululo ezidingekayo emakethe njengamanje?
Source: www.habr.com