I-Rostelecom yenze ucwaningo ngokuhlaselwa kwe-DDoS okwenziwa engxenyeni yaseRussia ye-Intanethi ngo-2018. Njengoba umbiko ubonisa, ku-2018 kwaba nokwanda okubukhali hhayi nje ngenani lokuhlaselwa kwe-DDoS, kodwa futhi namandla abo. Ukunaka kwabahlaseli kuvame ukuphendukela kumaseva egeyimu.
Inani eliphelele lokuhlaselwa kwe-DDoS ngo-2018 lenyuke ngo-95% uma liqhathaniswa nonyaka odlule. Isibalo esikhulu kunazo zonke sokuhlaselwa saqoshwa ngoNovemba nangoDisemba. Izinkampani eziningi ze-e-commerce zithola ingxenye enkulu yenzuzo yazo ekupheleni konyaka, i.e. ngamaholide kaNcibijane nasemavikini awandulelayo. Ukuncintisana kushube ikakhulukazi ngalesi sikhathi. Ngaphezu kwalokho, ngesikhathi samaholide kukhona inani eliphakeme lomsebenzi wabasebenzisi emidlalweni ye-inthanethi.
Ukuhlasela okude kakhulu okurekhodiwe yi-Rostelecom ngo-2017 kwenzeka ngo-Agasti futhi kwaphela amahora angu-263 (cishe izinsuku ezingu-11). Ngo-2018, ukuhlasela okuqoshwe ngo-March futhi kwathatha amahora angu-280 (izinsuku ezingu-11 namahora angu-16) kwafinyelela emazingeni okurekhoda.
Unyaka odlule ubone ukwanda okukhulu kwamandla okuhlasela kwe-DDoS. Uma ngo-2017 lesi sibalo singadluli ku-54 Gbit / s, khona-ke ngo-2018 ukuhlaselwa okunzima kakhulu kwenziwa ngesivinini se-450 Gbit / s. Lokhu bekungekona ukuguquguquka okukodwa: kabili kuphela ngonyaka lapho lesi sibalo sehle kakhulu ngaphansi kwama-50 Gbit/s - ngoJuni nango-Agasti.
Ubani ohlaselwa kaningi?
Izibalo zango-2018 ziqinisekisa ukuthi usongo lwe-DDoS lufaneleka kakhulu ezimbonini lapho izinqubo zebhizinisi zazo ezibucayi zincike ekutholakaleni kwezinsizakalo ze-inthanethi nezinhlelo zokusebenza - ngokuyinhloko ingxenye yemidlalo kanye ne-e-commerce.
Isabelo sokuhlaselwa kwamaseva egeyimu sasingu-64%. Ngokusho kwabahlaziyi, isithombe ngeke sishintshe eminyakeni ezayo, futhi ngokuthuthukiswa kwe-e-sports, singalindela ukwanda okwengeziwe kwenani lokuhlaselwa embonini. Amabhizinisi e-E-commerce ahlala βebambaβ indawo yesibili (16%). Uma kuqhathaniswa nowezi-2017, isabelo sokuhlaselwa kwe-DDoS kwezokuxhumana sikhuphuke sisuka ku-5% saya ku-10%, kuyilapho isabelo sezikhungo zemfundo, ngokuphambene nalokho, sehlile - sisuka ku-10% saya ku-1%.
Kuyabikezelwa ukuthi ngokwesilinganiso senani lokuhlaselwa kwekhasimende ngalinye, ingxenye yemidlalo kanye ne-e-commerce inamasheya abalulekile - 45% kanye no-19%, ngokulandelana. Okunye okungalindelekile ukwanda okukhulu kokuhlaselwa kwamabhange nezinhlelo zokukhokha. Kodwa-ke, lokhu kungenzeka kakhulu ngenxa ye-2017 ethule kakhulu ngemuva komkhankaso wokulwa nomkhakha webhange waseRussia ekupheleni kuka-2016. Ngo-2018, konke kubuyele evamile.
Izindlela Zokuhlasela
Indlela edume kakhulu ye-DDoS yizikhukhula ze-UDP - cishe amaphesenti angama-38 akho konke ukuhlasela kwenziwa kusetshenziswa le ndlela. Lokhu kulandelwa yizikhukhula ze-SYN (20,2%) futhi cishe zihlukaniswe ngokulinganayo ukuhlaselwa kwephakethe elihlukene kanye nokukhulisa i-DNS - 10,5% no-10,1%, ngokulandelana.
Ngesikhathi esifanayo, ukuqhathaniswa kwezibalo zika-2017 no-2018. ibonisa ukuthi isabelo sokuhlaselwa kwezikhukhula kwe-SYN cishe siphindwe kabili. Sicabanga ukuthi lokhu kungenxa yobulula bazo kanye nezindleko eziphansi - ukuhlaselwa okunjalo akudingi ukuba khona kwe-botnet (okungukuthi, izindleko zokuyidala/yokuqasha/yokuthenga).
Inani lokuhlaselwa kusetshenziswa ama-amplifiers linyukile. Lapho uhlela i-DDoS ngokukhulisa, abahlaseli bathumela izicelo ngekheli lomthombo womgunyathi kumaseva, aphendula isisulu sokuhlaselwa ngamaphakethe anwetshiwe aphindaphindeka. Le ndlela yokuhlaselwa kwe-DDoS ingase ifinyelele ezingeni elisha futhi isakazeke kakhulu esikhathini esizayo esiseduze, ngoba futhi ayidingi izindleko zokuhlela noma zokuthenga i-botnet. Ngakolunye uhlangothi, ngokuthuthukiswa kwe-Inthanethi Yezinto kanye nenani elikhulayo lokukhubazeka okwaziwayo kumadivayisi we-IoT, singalindela ukuvela kwama-botnets amasha anamandla, futhi ngenxa yalokho, ukuncipha kwezindleko zezinsizakalo zokuhlela ukuhlaselwa kwe-DDoS.
Source: www.habr.com