Hello, I'm security defender PR.
DDoS attacks seem to have decreased a lot recently, but they have simply not been reported in the media since the 2017 Armada Collective DDoS attacks on the financial sector; the attacks themselves are still ongoing.
Why do DDoS attacks keep coming in even today?
Let's take some time to look at what they are used for.
What is a DDoS attack?
Distributed Denial of Service (DDoS)
Attackers use multiple servers to send concentrated traffic to the target server, preventing it from serving normally.
Recently, DDoS attacks using all Internet-connected devices, including Internet of Things (IoT) devices (such as refrigerators, washing machines, boilers, CCTVs, air conditioners, and smart TVs), are expected to continue to increase.
Without my knowledge, my refrigerator could be hacked and turned into a zombie that sends a lot of traffic outside and is used for malicious DDoS attacks.
What is even scarier is that once home IoT devices become zombies, they can be controlled remotely: privacy can be exposed through the cameras of CCTVs and smart TVs, or an air conditioner can be run at full power, and the excess electricity charges can cause financial damage.
So why do hackers launch DDoS attacks? Let's find out.
First, to demand money, such as bitcoin.
Hackers use every means to contact the target's administrators.
Through mail, blogs, social networking sites, messengers, and even the bulletin boards on the target's homepage, they present themselves as some kind of vicious person and state their demand: "If you don't give us money (bitcoin), you will be harmed."
Or, "I am the one who defends the attack, and I will defend you if you pay me a certain amount of money."
In this case, you should never pay!!!
If you pay even a small amount of money, you are registered as a target, the attackers constantly demand more and more, and the volume and methods of their attacks vary.
Second, to disrupt the business of competitors in the same industry.
These DDoS attacks mainly target the 1st and 2nd largest companies in an industry and are aimed at hurting competitors. The targets are gambling sites, delivery companies, item trading sites and shopping malls that require real-time service.
This is because a DDoS attack deals a fatal blow to the business, including falling sales and damage to the corporate image when members cannot access the site.
Third, to divert attention while DB information is leaked and the traces of the attack are deleted.
Internal monitoring equipment and security equipment can no longer process data as a DDoS attack piles up huge amounts of data in a short period of time. Of course, the security personnel involved and the security monitoring team are also focused on the DDoS.
An attacker may draw attention to a DDoS attack and conduct a composite attack to hide the true purpose. The user DB can be leaked using malicious code planted inside before the attack, or the attack history logs can be deleted.
The aim is to make tracking difficult: by the time the security officer finds out, a long time has already passed.
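The composite attack described above can be caught by checking what else happened on internal hosts while the flood was running. The following Python code is an added example, not part of the original post; the traffic samples, hosts, event names (db_export, log_cleared) and thresholds are constructed assumptions.

```python
from datetime import datetime, timedelta
from statistics import median

# Constructed sample data (assumption): inbound packets/sec, one sample per minute.
TRAFFIC = [("2024-01-01T10:00", 1200), ("2024-01-01T10:01", 1150),
           ("2024-01-01T10:02", 1300), ("2024-01-01T10:03", 98000),
           ("2024-01-01T10:04", 120000), ("2024-01-01T10:05", 110000),
           ("2024-01-01T10:06", 1250), ("2024-01-01T10:07", 1180)]
# Constructed audit events (assumption): (time, host, kind, detail).
EVENTS = [("2024-01-01T09:30", "web01", "db_export", "rows=40"),
          ("2024-01-01T10:04", "db01", "db_export", "rows=2500000"),
          ("2024-01-01T10:05", "db01", "log_cleared", "audit.log"),
          ("2024-01-01T10:30", "web01", "login", "admin")]
SENSITIVE = {"db_export", "log_cleared"}  # hypothetical event names

def ts(s):
    return datetime.fromisoformat(s)

def flood_windows(traffic, factor=10):
    """Return (start, end) spans where pps exceeds factor x the median.
    The median is only a usable baseline while the flood covers
    less than half of the samples."""
    baseline = median(pps for _, pps in traffic)
    windows, start, prev = [], None, None
    for t, pps in traffic:
        hot = pps > factor * baseline
        if hot and start is None:
            start = ts(t)
        elif not hot and start is not None:
            windows.append((start, prev))
            start = None
        prev = ts(t)
    if start is not None:  # flood still running at the last sample
        windows.append((start, prev))
    return windows

def events_hidden_by_flood(events, windows, grace=timedelta(minutes=10)):
    """Sensitive events inside a flood window (plus grace on both sides)."""
    hits = []
    for t, host, kind, detail in events:
        if kind in SENSITIVE and any(
                s - grace <= ts(t) <= e + grace for s, e in windows):
            hits.append((t, host, kind, detail))
    return hits

if __name__ == "__main__":
    for hit in events_hidden_by_flood(EVENTS, flood_windows(TRAFFIC)):
        print("review during DDoS:", hit)
```

The audit events must be shipped to a collector that stays reachable during the flood, otherwise the deleted logs take this evidence with them.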
What are some examples of domestic DDoS attacks?
1.25 Internet chaos
On January 25, 2003, the domestic Internet network was paralyzed by a DDoS attack and was in chaos.
The cause was the Slammer worm, which exploited a vulnerability in Microsoft's SQL Server.
Infected zombie PCs created massive amounts of data and attacked the DNS servers of KT (Hyehwa Telephone Station), and when the server was paralyzed, traffic began to bypass the backbone network and eventually servers in other regions were paralyzed.
At that time, I was working part-time on the Internet, and I remember having a hard time because the Internet was not working.
It's been too long, so let's move on.
Attack on an item trading brokerage site
From December 2008 to February of the following year, a DDoS attack was carried out on one of the nation's largest item trading sites.
A total of 12 attacks cost the site as much as 100 billion won.
It was a shock when it turned out that a former executive of a rival company was responsible.
He allegedly recruited Chinese hackers with other accomplices in China's Jilin Province to attack the site's servers and demanded bribes in return for stopping the attacks.
Police say the suspect planned the crime in advance.
7.7 DDoS Attack
Since then, DDoS attacks have become very popular.
On July 7, 2009, major U.S. and Korean government agencies, portal sites, and banks were attacked and their services were temporarily paralyzed, causing damage.
Four attacks were carried out over a five-day period from July 5 to 9. On the first day, the White House and 27 sites were attacked.
On July 7, major media outlets, political parties, and portal sites were attacked.
In the ensuing attack, the targets were some of the sites that had been the primary targets and the mail services of major portal sites.
On the 9th, when the last attack took place, some of the National Intelligence Service and financial institutions suffered service failures due to the attack, but service was quickly restored.
3.3 DDoS Attack
On March 3, 2011, major Korean government agencies, portal sites, and banks were attacked by DDoS and their services were paralyzed twice.
Originally, the hard disk was supposed to be destroyed after about four to seven days, but when the attack did not cause major damage, a command was reportedly issued to destroy the hard disk and block access to the protected country site.
The Korea Communications Commission (KCC) announced that the DDoS malicious code had been inserted into and circulated through some files uploaded to P2P file sharing sites, so government-level management of P2P file sharing sites would begin.
DDoS Attack on the National Election Commission
On October 26, 2011, there was a DDoS attack on the website of the National Election Commission (NEC).
At that time, by-elections were being held, and the attacks continued from 9 a.m. to 12 p.m. on the same day. The DDoS attack became an issue because people could not access the National Election Commission's website during that time.
1Tbps DDoS Attack Threat Against the Financial Sector
In June 2017, a hacker group sent a DDoS threat e-mail to the domestic financial sector to demand money, which made the financial sector nervous.
Armada Collective launched a DDoS attack on a local financial company and threatened to launch a 1Tbps attack unless financial institutions paid 10 bitcoins within the deadline.
The initial attack was a DDoS amplification attack using User Datagram Protocol (UDP), which delayed Internet and smart banking services for about 15 minutes.