Researchers are becoming a prime target of DDoS attacks!

Source: https://hk.news.yahoo.com/ddos-101937447.html

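Lately the topic of DDoS seems to have been overshadowed by ransomware, yet the development of DDoS has never stopped, and recently attacks have gone a step further by targeting researchers.

A Q1 2016 threat report published by Nexusguard states that an organization specializing in researching network attacks was the main target of DDoS attacks, and that the number of attacks in the Middle East also rose sharply compared with the previous quarter.

The report also found that the attacks launched by hacker groups against this organization specializing in researching network attacks were mainly of the NTP type, that some victims received attack packets almost every day, and that most of these NTP attacks aimed at researchers were carried out by intruding through DNS vulnerabilities. In addition, security analysts found that most DDoS attacks can last more than 10 minutes, while the average attack duration is about 5 minutes. What these figures indicate is that DDoS-for-hire attacks are becoming increasingly prevalent, which is what produces shorter attack durations but a rising number of attacks.

To address the above problem, experts recommend that organizations install network monitoring systems capable of detecting events at per-second or shorter intervals, which helps detect DDoS attacks.

Among the top 10 countries hit by DDoS attacks, the United States and China still hold the top two places, having suffered at least 49,000 kinds of multi-combination attacks, while Turkey, originally in the top 10, dropped out of the ranking. This matches exactly the argument Nexusguard made in its Q4 2015 threat report: the tension between Russia and Turkey was the main reason the number of attacks on both countries increased at that time.

In addition, the number of attacks suffered by Middle Eastern countries in Q1 2016 also grew 83% compared with the same period in 2015. Researchers predict this is related to the terrorist attacks suffered by several countries in the region, and the trend may continue to rise in the future.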

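An added example (not part of the original post or of the Nexusguard report) of why the per-second monitoring recommended above matters for attacks lasting about 5 minutes: it compares how long a 1-second monitor and a 5-minute averaging monitor take to flag a burst of NTP responses (UDP source port 123). The traffic, the packet rates and the 100 pps threshold are constructed assumptions chosen for illustration.

```python
from collections import Counter

NTP_PORT = 123  # NTP reflection traffic reaches the victim from UDP source port 123


def build_sample(duration=900, attack_start=310, attack_len=300,
                 base_pps=2, attack_pps=500):
    """Constructed traffic: (timestamp_seconds, udp_source_port) tuples."""
    packets = []
    for s in range(duration):
        under_attack = attack_start <= s < attack_start + attack_len
        rate = base_pps + (attack_pps if under_attack else 0)
        packets.extend((s + i / rate, NTP_PORT) for i in range(rate))
        packets.append((s + 0.5, 53))  # unrelated DNS reply, must be ignored
    return packets


def per_second_counts(packets):
    """Count NTP-sourced packets in each 1-second bucket."""
    counts = Counter()
    for ts, sport in packets:
        if sport == NTP_PORT:
            counts[int(ts)] += 1
    return counts


def first_alert(counts, duration, window, threshold_pps):
    """Time at which a monitor averaging over `window` seconds first alerts.

    A reading only exists once its window has closed, so the alert time is
    the end of the first window whose average rate exceeds the threshold.
    """
    for start in range(0, duration, window):
        total = sum(counts.get(s, 0) for s in range(start, start + window))
        if total / window > threshold_pps:
            return start + window
    return None


def detection_latency(window, threshold_pps=100, attack_start=310, duration=900):
    """Seconds between attack onset and first alert (None if never alerted)."""
    counts = per_second_counts(build_sample(duration=duration, attack_start=attack_start))
    alert = first_alert(counts, duration, window, threshold_pps)
    return None if alert is None else alert - attack_start


if __name__ == "__main__":
    for window in (1, 300):
        print(f"{window:>3}s window: alert {detection_latency(window)}s after onset")
```

With the constructed 5-minute burst, the 1-second monitor alerts 1 second after onset, while the 5-minute average alerts only after 290 seconds, 10 seconds before the burst ends.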

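Lately the topic of DDoS seems to have been overshadowed by ransomware, yet the development of DDoS has never stopped, and recently attacks have gone a step further by targeting research ...
toylet posted on 2016-5-5 21:48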



It seems that the researchers in Nexusguard have very little knowledge of the recent vulnerability on NTP.


Reply to 2# samiux

Nexusguard is one of the groups.  Of course, there will be other holes which you have not discovered yet.


Reply to samiux

Nexusguard is one of the groups.  Of course, there will be other holes which you ha ...
polarhei posted on 2016-5-7 10:02



According to the original poster's article, Nexusguard says that the duration of the DDoS is between 5 and 10 minutes.  Do you know why?  The reason is that NTP has vulnerabilities recently.  However, the researchers of Nexusguard do not seem to know about that.  They have very little knowledge about that.  It seems that they are writing the report for promoting their services only.


Reply to 4# samiux

Just like others even better than them.

The last thing I have heard is spending at least USD 1300K for forensic issues.


Reply to samiux

Just like others even better than them.

The last thing I have heard is spending at  ...
polarhei posted on 2016-5-7 22:37



I think Nexusguard is a reseller of Akamai as their official website is protected by Akamai but not protected by their own technology of anti-DDoS.

Last time, they produced a not professional Android malware report.


Reply to 6# samiux

I yet know fully about them.  Of course, the real things are usually sharing in minimum basis.


This post was last edited by samiux on 2016-5-8 00:41
Reply to samiux

I yet know fully about them.  Of course, the real things are usually sharing in minim ...
polarhei posted on 2016-5-7 23:16



It is very interesting that their senior consultant is a CEH holder only.  Meanwhile, they are also doing web hosting business.

Their CEO Mr. Ronald Pong is a holder of PCI QSA, PCI ASV, PCIP and PA QAS.

That's why their research reports are not professional enough.  


Reply to 8# samiux

Whatever registered with. Why do people trust them? I personally believe good writing is the thing.

I have just submitted an application for multimedia designer of PCCW's blurie. Let's see if "Please-pay-us" scheme works.
