DDoS is rampant, cloud security issues may become a new trend

This is an era where DDoS is raging. On the evening of August 25, Smartisan Mobile held the saddest press conference in history: all product information was leaked in advance, and the e-commerce website on the day of the press conference was also hit by dozens of gigabytes of DDoS attacks, causing customers to be unable to place orders normally for several hours. ; Coincidentally, when Apple opened pre-orders for the iPhone 6s on September 12, it was even more worrying and even a bit thrilling: the Apple Mall was overwhelmed by fans who were ready to rush to buy the iPhone 6s, and the downtime lasted for 104 minutes, which was comparable to a large-scale DDoS attack. The corresponding CDN service provider was helpless for a while and could only forcibly restrict access.

High traffic attacks show a growing trend and move towards the cloud

To date, Distributed Denial of Service (DDoS) attacks, which still seriously threaten the network security of governments and enterprises, are still the most popular form of network attack used by hackers, and are also very cheap and effective. Data from the latest "2014 China Internet Network Security Situation Report" released by the National Internet Emergency Center (CNCERT) show that in 2014, there were an average of about 187 DDoS attacks per day targeting domain name system traffic exceeding 1G, and the number of attacks was three times that of 2013. The domain name system faces further intensification of DDoS attacks. The nationwide DNS contamination incident in 2014 also showed that domain name resolution tampering incidents targeting important websites occur frequently and the number of security vulnerabilities continues to increase.

Compared with previous years, business operators are not feeling relaxed. At present, the DDoS black industry has formed, mainly extorting online profit-making enterprises and malicious attacks on commercial competition. With extremely low attack costs, it has caused heavy losses to the normal operations of enterprises. In the second half of 2015, the threat of DDoS attacks continued to escalate, affecting the stable operation of basic networks, and only a handful of companies could withstand such attacks on their own.

The many advantages of cloud computing technology have made cloud services widely used. With the rise of DDoS large-traffic attacks, many users have migrated their businesses to the cloud in order to protect themselves from risks. While the increase in cloud services has brought convenience to users, security has also changed. On the one hand, the client is lightweight, and the original computing tasks of the client are significantly transferred to the cloud. The traffic on the cloud will become larger and larger, which will be exploited by large-traffic DDoS attacks; on the other hand, the environment is becoming more complex, and as time passes, With the virtualization of the business environment, new uncertainties are constantly arising from business becoming more flexible and changeable to operation and maintenance management, which may create opportunities for new forms of DDoS attacks.

DDos is rampant, cloud security may become a new trend

A few days ago, the three major Internet giants Alibaba, Tencent and Baidu have successively launched new security defense measures. In the past, hackers were always in the shadows. Who exactly launched the attack and when? What is the possible purpose of this attack? The attacked party can never know. It is reported that on Alibaba Cloud's first Cloud Shield Security Day, the Alibaba Cloud Cloud Shield team introduced to users their latest research results - innovative cloud security new product situational awareness in the DT era. The first characteristic of situational awareness is that it relies on massive data and super computing to make hacker attacks visible. The second feature is to visualize risks. With it, people without security technology foundation can also see the past, present and future of risks.

A few days ago, at the Tencent Cloud Technology Leadership Summit, Tencent Cloud released two products, Dayu 4.0 and Tianyu, in response to security issues of great concern to the industry. It is reported that the new Dayu can effectively resist DDoS and CC attacks with up to 4T protection bandwidth and second-level fast dispatching capabilities. It has more than 400 detection points across the country and can solve the problem of DNS hijacking. The full name of Dayu is Dayu Distributed Defense System, which is a security defense system independently developed and deployed by Tencent Cloud. In the first half of 2015, Dayu successfully defended against external attack traffic with a peak volume of nearly 300G. It has successively helped companies such as eLong, Tubatu, and Smartisan Technology to carry out DDoS protection. Internet companies such as Ctrip, Ele.me, and Futu Securities are also using it. Dayu conducts network security protection.

Alibaba Cloud and Tencent have both taken action, and Baidu is not to be outdone. Baidu's previously released Baidu Cloud Acceleration 3.0 has achieved global CDN network coverage and greatly improved acceleration performance and product stability. It is reported that in mainland China, Baidu Cloud Acceleration's existing nodes are being expanded in batches from 10G to 50G super nodes; abroad, Baidu has reached a cooperation with CloudFlare, the world's leading CDN manufacturer, and CloudFlare will open 45 global nodes to Baidu Cloud Acceleration users. Super nodes, combined with Baidu’s own 17 super nodes in mainland China, have successfully established a global CDN acceleration and security defense network.

Baidu ADN Network is a global anti-attack network jointly established by Baidu Cloud Acceleration, CloudFlare and Telecom Yundi. When an attack comes, Baidu Cloud Acceleration will analyze the source of the traffic. Overseas attacks use Anycast technology to disperse to CloudFlare's many super nodes around the world for cleaning; for domestic traffic, Baidu Cloud Acceleration will analyze the attack characteristics and synchronize the characteristics to partner telecommunications Cloud embankments use the powerful near-source suppression capabilities of cloud embankments to block traffic. In this process, the simple and crude IP blocking method was abandoned, and instead the intelligent ADN network was used to achieve high throughput and low man-in-person DDoS cleaning capabilities.

At the beginning of the development of cloud computing in mainland China, the overall security market has not yet been enriched. It will take some time to quickly end the long-term streaking state of a large number of small and medium-sized enterprise customers.

Recommended site searches: website domain name registration, domain name registration number query, domain name registration, foreign virtual host, Hong Kong space, US host, 1g US virtual host, registration, org domain name, US host rental,