本網站使用瀏覽器紀錄 (Cookies) 來提供您最好的使用體驗,我們使用的 Cookie 也包括了第三方 Cookie。相關資訊請訪問我們的隱私權與 Cookie 政策。如果您選擇繼續瀏覽或關閉這個提示,便表示您已接受我們的網站使用條款。 關閉
UK Dedicated Servers Strengthens Partnership with Corero as First EMEA Adopter of New Adaptive NTD3400 DDoS Solution MARLBOROUGH, Mass., Jan. 23, 2025 /PRNewswire/ -- Corero Network Security (AIM: CNS) (OTCQX: DDOSF), the distributed denial of service (DDoS) protection specialists, today announced that UK Dedicated Servers, a leading provider of enterprise hosting and managed communications services, has upgraded its DDoS protection with Corero's next-generation technology. The upgrade marks a continued partnership between the two companies, as UK Dedicated Servers enhances its network security and prepares for future growth. UK Dedicated Servers is the first in the EMEA region to adopt Corero's latest DDoS protection technology, leveraging the new 400G interface to enhance network connectivity. The company has also reached a milestone by being the first in the region to adopt and validate live traffic on the NTD3400, demonstrating scalability and performance under real-world conditions. Having relied on Corero's NTD1100 appliances for years to safeguard its infrastructure, UK Dedicated Servers has now upgraded to the NTD3400 to meet growing demand and strengthen defenses. This upgrade future-proofs the company's infrastructure, providing greater capacity, robust security, and the ability to scale with a rapidly evolving digital landscape. David Howes, Director at UK Dedicated Servers, stated:"Corero's NTD1100 has been a reliable workhorse for our network, but as our growth accelerates, we knew it was time to take the next step. The new solution offers the scalability and advanced capabilities we need to stay ahead of threats and deliver seamless service to customers. This upgrade gives us confidence that our infrastructure is ready to tackle whatever challenges lie ahead." Carl Herberger, CEO at Corero Network Security, commented:"We're thrilled to continue our partnership with UK Dedicated Servers as they adopt our latest DDoS protection technology. Their decision to upgrade underscores their trust in Corero and commitment to staying ahead of evolving threats. At Corero, we're dedicated to delivering innovative solutions that secure our customers today and prepare them for tomorrow." About Corero Network SecurityCorero Network Security is a leading provider of DDoS protection solutions, specializing in automatic detection and protection solutions with network visibility, analytics, and reporting tools. Corero's technology protects against external and internal DDoS threats in complex edge and subscriber environments, ensuring internet service availability. With operational centers in Marlborough, Massachusetts, USA, and Edinburgh, UK, Corero is headquartered in London and listed on the London Stock Exchange's AIM market (ticker: CNS) and the US OTCQX Market (OTCQX: DDOSF).
專家提供強化防禦機制建議香港 - Media OutReach Newswire - 2024年10月25日 - 剛發表的《行政長官2024年施政報告》重申,新擬定的《保障關鍵基礎設施 (電腦系統) 條例草案》將於今年 (2024年) 內提交立法會審議。近年網絡罪犯越見猖獗,這項採取「機構為本」原則的新條例, 正好推動本港企業重新審視自身的網絡防護及應急計畫能否應對AI (人工智能) 攻擊等新風險之餘,還能檢視是否忽略了如DDoS (分散式阻斷服務) 這類行之有年,但已經默默演變轉型的網絡威脅。 Akamai API Security 的安全測試套件可以自動運行 150 多項模擬惡意流量測試,其中包括 OWASP API 安全十大威脅。 DDoS成勒索軟件幫兇 隨著企業越來越依賴網絡連線能力來驅動關鍵業務及應用程式,欠缺適當防護的基礎設施便成為DDoS攻擊的絕佳目標。黑客發動的龐大惡意流量可能導致網絡系統運作停擺,造成大規模服務中斷或效能下降。但另一個更令人擔憂的問題是,近期黑客進行DDoS攻勢的目的並不單純。香港網絡安全事故協調中心 (HKCERT) 早前針對亞太地區,特別是香港的勒索軟件情況進行分析,結果發現網絡罪犯的一種新手法是對勒索軟件受害者的基礎設施發動DDoS攻擊,以進一步施壓,迫使其支付贖金。雲端服務供應商Akamai亦指出,DDoS攻擊在全球日益成為黑客轉移網絡安全系統焦點及資源的有效煙幕,以掩飾他們真正的犯罪企圖。 影子API助新型DDoS冒起 Akamai 發現,透過 API (應用程式介面) 實施的專門針對 OSI 七層網絡架構中第七層 (應用層) 的 DDoS 攻擊數量急劇增加。主要原因相信是企業的網絡安全團隊對未經記錄的 API,即所謂的「影子 API」,並不知曉,因此一般不會加以保護,令黑客有機可乘。在亞太及日本地區,第七層 DDoS 攻擊次數在短短 18 個月內增加了五倍,期間的攻擊總數更達到了 5.1 萬億次!然而,許多企業的網絡防禦措施仍集中在第三層 (網絡層) 和第四層 (傳輸層) ,導致防範這類新興 DDoS 的效果有限。 現時,DDoS攻擊模式呈現兩極化的發展趨勢:一方面,黑客利用AI工具協調更複雜精密,更分散出擊的機械人/殭屍網絡攻勢;另一方面,雖然這種現象並非主流,但像NoName057這類新興黑客組織會利用Telegram等社交媒體招募志願者攻擊特定目標。這種「真人化」的攻擊涉及多樣的流量來源和使用者代理,讓受害機構更難以偵測和防禦。 由此可見,長期存在的DDoS攻擊,由相關的攻擊工具、系統漏洞、入侵手法、影響層面,以至最終目均已不同於以往。因此,企業要真正防範DDoS來襲,就必需整合能為第三層、第四層、第七層和DNS提供保護的網絡安全解決方案,落實深度防禦策略,而在評估DDoS攻擊時,需同時考慮攻擊頻率和攻擊量,才能針對性地制定防禦措施。 強化防禦機制建議 總括來說,WAF (Web應用程式防火牆) 和流量速率管控機制是企業應對DDoS攻擊必不可少的防禦基礎。此外,專家亦建議企業作如下長遠規劃: 將源伺服器設置在高DDoS耐受性的數據中心或網段,以防止受到牽連 為防止直接攻擊源伺服器,隱藏或混淆源伺服器的主機名稱和IP位址 引入CDN (內容交付網絡) 的故障轉移設定,並在源伺服器故障時通知用戶 利用Client Reputation檢視全球IP位址信譽等級 利用EdgeDNS防範DNS查詢型DDoS攻擊 以Bot Manager排除Bot的影響 運用托管式安全服務在SOCC (安全監控指揮中心) 緊急處理DDoS事故 這些措施有助於增強企業的防禦能力,降低DDoS攻擊帶來的風險。 無論企業屬於哪個行業或規模,企業與客戶、消費者、合作夥伴及員工等不同持份者保持互聯是保障業務的基礎。如果企業因受DDoS攻擊而令部分服務暫停甚至全面停擺,不僅會失去各方的信任,影響業績,還有可能導致監管處罰,因此企業必須認真看待DDoS安全問題,妥善保護關鍵基礎設施。 Hashtag: #Akamai #DDoS發佈者對本公告的內容承擔全部責任Akamai TechnologiesAkamai 支援並保護網絡生活。全球各大優秀公司紛紛選擇 Akamai 來打造並提供安全的數碼體驗,為數十億人每天的生活、工作和娛樂提供助力。 Akamai Connected Cloud 是一種大規模分散式邊緣和雲端平台,可使應用程式和體驗更靠近用戶,幫助用戶遠離威脅。有關 Akamai 雲端運算、安全和內容交付解決方案的更多資訊,請瀏覽 akamai.com 和 akamai.com/blog。
親俄駭客組織 NoName057 持續對台灣發動 DDoS 攻擊,目標涵蓋政府機構、金融單位及高科技產業。台灣作為地緣政治的熱點,長期以來一直是網絡攻擊的重災區。NoName057 事件更突顯出兩個主要警訊: 首先,儘管 DDoS 攻擊手法歷久不衰,並有相應的防禦方案,但仍有部分機構未能有效抵擋攻擊,顯示出防禦措施的不足;其次,攻擊標的正在擴大,除了重大基礎設施和知名企業,中小型企業及民間組織也面臨威脅。 認識攻擊手法與防禦重點 相較於 2017 年台灣券商遭遇的首次集體 DDoS 攻擊,NoName057 的攻擊以明確的政治目的發起,力求擴大影響範圍和傷害程度。其最大挑戰在於攻擊的真人化。這一組織透過 Telegram 招募志願者參與 DDoS 攻擊,據 Akamai 分析,近期攻擊來自 25 個國家,其中包括本地流量,攻擊使用的 User Agent 種類接近 70 種,這種分散式的攻擊行為使得防禦難度加大。 此外,當前的 DDoS 攻擊主要針對第七層(應用層),其加密內容難以偵測,而許多電信業者及組織的防禦措施仍主要集中在第三層(網路層)和第四層(傳輸層),這限制了防禦效果的發揮。 使用雲端服務進行 DDoS 防禦的最大優勢在於能夠在攻擊發動點即時阻擋。例如,Akamai 的 SLA 提供零秒啟動的防禦機制,從成本和時效性上都優於傳統電信商及自建的防禦系統。此外,Akamai 在台灣也具備針對本地流量的快速反應能力。 短中長期措施持續強化防禦機制 針對 NoName057 對台灣發動的攻擊,Akamai 發現攻擊流量雖僅為平常的兩倍,卻仍有不少單位因此中斷服務。分析顯示,原因可能包括預留流量空間不足、防禦機制缺失或反應時間過長。 基於 Akamai 在國外對應此駭客組織的經驗,顧問團隊提出了短期、中期及長期的防禦策略: 短期措施 透過 WA F進行動態內容的精細緩存及設置調整。 重新審視 WAF 的流量控制設置。 引入 CDN 的故障轉移設定,確保原始伺服器故障時能向用戶提供適當通知。 中期措施 在緊急情況下通過 WAF 增強地理封鎖等訪問限制。 利用 Client Reputation 技術提升防禦效果。 隱匿或混淆原始伺服器的主機名和 IP,以防直接攻擊。 通過 EdgeDNS 防範 DNS 查詢型 DDoS 攻擊。 中長期措施 使用 Bot Manager 過濾機器人流量的影響。 通過 MSS 進行緊急處理,確保及時應對。 將原始伺服器設置於具備高 DDoS 耐受性的數據中心,以降低被牽連的風險。 總的來說,WAF 和流量控制機制是防禦的基礎。企業應考慮數據中心的防禦等級,並進行相應的基建。此外,由於當前攻擊模式以機器人為主,對此類攻擊的防禦措施也需到位。 政府針對金融業及上市公司的安全規範要求,如設置資安長及定期發布公告等,都是正確的做法,建議此範圍可擴展至中小型企業,並結合持續的演練以檢驗防禦有效性。台灣作為網攻的重災區,無論產業規模大小,皆需提升防禦準備。 關於 Akamai 安全 Akamai 安全致力於在每個互動點保護推動業務的應用程式,同時保障性能和客戶體驗。通過利用全球平台的規模及其對威脅的可見性,Akamai 與客戶合作預防、檢測和緩解各種威脅,幫助客戶建立品牌信任,實現商業願景。 欲了解更多關於 Akamai 的雲計算、安全和內容交付解決方案,請訪問 akamai.com 和 akamai.com/blog,或在 X(前身為Twitter)和 LinkedIn 上關注 Akamai Technologies。
SINGAPORE - Media OutReach Newswire - 14 May 2024 - New data from Nexusguard’s DDoS Statistical Trends Report 2024 reveals bad actors are shifting DDoS tactics. Computers and servers became the primary target of attacks, making up 92% of DDoS attempts, compared to only 68% in the previous year. Attacks are also becoming shorter and less frequent, but more powerful. While the overall count in attack frequency dropped 55% in 2023, the size of attacks grew 233%. Attacks lasting 90 minutes increased by 22%. This attack duration now makes up 81% of all DDoS attacks, while the most prolonged attacks spanning over 1200+ minutes saw a steep 95% reduction. “The modus operandi of cyber criminals is to cause maximum disruption with minimal effort,” says Donny Chong, the Product Director of Nexusguard. “Modern cybersecurity tools have become so advanced, it’s compelling bad actors to look for attack opportunities where the shortest disruption wreaks the most havoc. This is likely why we’re seeing more high-profile DDoS attacks on governments and the public sector, where even brief interruptions can have big consequences.” “Politically charged hacktivism is increasingly becoming a common motivator for many of today’s DDoS attacks,” adds Chong. “We expect this will make vital services in areas like public sector, government, and finance even more vulnerable, elevating the importance of national security and global diplomacy.” Application attacks have shifted starkly towards Windows OS devices, comprising 87% of all DDoS targets in 2023 compared to just 15% the prior year. Computers and servers represented 92% of DDoS targets compared to 8% for mobile devices – a massive shift from the year before, when the split for computer/servers and mobile devices sat at 32% vs. 68%, respectively. “Several reasons could explain this extreme shift in device targets,” Chong adds. “New vulnerabilities discovered in Windows OS, or more sophisticated malware, may have made it easier to compromise these systems. Botnets are also evolving, so attackers might be looking to exploit more powerful computing resources provided by computers and servers for more effective attacks. Regardless, no system is infallible. Real-world examples of DDoS attacks in 2023, like the exploitation of Microsoft Exchange server vulnerabilities and the rise of ransom DDoS attacks, serve as stark reminders of these attacks’ tangible impact.” Attackers continue to leverage techniques to launch massive attacks with limited resources. The most prominent attack vector to achieve this remains NTP Amplification Attacks – representing over a quarter (26%) of attacks. However, these attacks decreased by 17% in 2023, suggesting that improved network configurations and heightened security awareness mitigate the impact. In a sign of adaptation from bad actors, two other attack vectors are rapidly gaining on NTP Amplification: HTTPS Flood, notable for its subtlety in mimicking legitimate traffic, made up 21% of 2023 attacks, up from 12% in 2022. DNS Amplification saw the most significant rise, representing 14% of 2023 attacks, up from just 2% in 2022. This sharp spike and its potential to create large-scale disruption highlight a significant vulnerability in global internet infrastructure. More broadly, attack categories are shifting: The fastest growing threat category in 2023 was Application attacks (e.g. HTTP/HTTPS attacks from groups like Killnet), which rose 79% YoY in 2023 and comprised 25% of DDoS attacks, underscoring hackers’ tenacity for adapting against today’s advanced cybersecurity tools. Volumetric (direct flood) attacks accounted for 24% – a 30% decline YoY, suggesting network infrastructure is becoming better equipped to absorb large volumes of traffic – or that attackers are simply shifting strategies towards more sophisticated methods. Finally, single-vector attacks dominate 93% of DDoS attacks, again highlighting bad actors' prioritisation of simpler-to-execute techniques that require fewer resources and less expertise. These attacks disrupt operations and services effectively, blend more easily with legitimate traffic, and can quickly be distributed against broad targets. To learn more, read the full report. Hashtag: #nexusguard #ddos #ddosattacktrendhttps://www.linkedin.com/company/nexusguard/https://twitter.com/Nexusguardhttps://www.facebook.com/nxg.pr/The issuer is solely responsible for the content of this announcement.NexusguardFounded in 2008, Nexusguard is a leading distributed denial of service (DDoS) security solution provider fighting malicious internet attacks. Nexusguard ensures uninterrupted internet service, visibility, optimization and performance. Nexusguard is focused on developing and providing the best cybersecurity solution for every client across a range of industries with specific business and technical requirements. Nexusguard also enables communications service providers to deliver DDoS protection solutions as a service. Nexusguard delivers on its promise to provide you with peace of mind by countering threats and ensuring maximum uptime. Visit www.nexusguard.com for more information.
FRANKFURT, Germany, March 13, 2024 /PRNewswire/ -- The Link11 European Cyber Report 2023 highlights a dramatic 70% increase in DDoS attacks, with attacks reaching critical levels in just 14 seconds on average, compared to 55 seconds in 2022. Additionally, two thirds of observed traffic is machine-based, indicating the prevalence of bot activity. The report emphasizes the rising complexity of the threat landscape and the critical role of AI-based and automated security solutions in bolstering cyber resilience. Politically motivated attacks significantly contributed to the surge, targeting prominent entities worldwide, including German federal states, the European Investment Bank, and Microsoft. Geopolitical tensions globally contributed to a rapid escalation in DDoS attacks, particularly targeting critical infrastructure, public institutions, and political organizations. The ongoing conflicts, notably between Russia and Ukraine, and in Israel, fueled politically motivated DDoS attacks by organized groups. The report points out the heightened security risk posed by web applications and APIs, exacerbated by critical vulnerabilities in unpatched software. The EU's mandate for Apple to open its interfaces to third-party providers further intensifies the need for enhanced security measures in this area. Moreover, the rising threat from AI-driven bots presents significant challenges, with projections indicating a 131% surge in online bot fraud by 2027. Jens-Philipp Jung, Group CEO at Link11: "The impact of cyber incidents requires a risk-based, holistic cybersecurity strategy. It's about enabling innovation and growth with secure environments and transforming security concepts into competitive advantages." The report can be downloaded from the Link11 website. About Link11: Link11 is a global IT security provider specializing in protecting infrastructures and web applications from cyberattacks. Its cloud-based solutions help organizations worldwide strengthen cyber resilience and prevent business disruptions. Link11 is ISO 27001 certified, ensuring the highest standards in data security. Press contact: Lisa Froehlich l.froehlich@link11.com
SINGAPORE, Jan. 24, 2024 /PRNewswire/ -- CDNetworks, the APAC-leading network to deliver edge as a service, successfully detected and shielded a cryptocurrency exchange from a relentless Blockchain DDoS attack that occurred on January 9, 2024, which peaked at 1.025Tbps. Coincidentally, the attack occurred on the day before the U.S. SEC approved the first U.S.-listed Bitcoin Exchange-traded funds (ETFs). The ferocious attack, targeted a specific cryptocurrency exchange with extremely high peak volumes, raising global alert levels for organizations in the cryptocurrency industry to potential threats. The attackers used over 400,000 IP addresses and a substantial number of botnet network resources to launch an attack on the API interface of the cryptocurrency exchange. This incident, timed with the approval of the first U.S.-listed ETFs by the U.S. SEC, marks a turning point for blockchain cybersecurity threats. Doyle Deng, the Head of Global Marketing and Product at CDNetworks, explained, "The likelihood of an attack was high, especially on the eve of the US SEC's approval of Bitcoin ETFs. It could've been completely avoided if the exchange had collaborated with us to implement our Expert Emergency Response services or Major Event Support." He added, "I commend our service team for their diligent monitoring and cooperation with clients, which ensured a swift and effective response to the DDoS attack." Details of This Watershed DDoS Attack This incident happened on a cryptocurrency exchange that was using CDNetworks DDoS protection solution. The attackers targeted the API interface used for trading on the exchange's website. Their aim was to disable the exchange's trading capability with a DDoS attack before an upcoming major market event. To their dismay, CDNetworks successfully defended against the attack and prevented potential financial losses. Application Layer DDoS Attack: Major Attack Methods: HTTP Flood Attacks Time Period: 11:40 A.M. to 12:45 P.M. EST, January 9, 2024. Highest Volume: Peaking at 2,378,751 RPS Network Layer DDoS Attack: Major Attack Methods: SYN Flood, ACK Flood, etc. Time Period: 12:45 P.M. to 1:17 P.M. EST, January 9, 2024. Highest Volume: 1.025Tbps Successful Mitigation CDNetworks effectively repelled a meticulously planned DDoS attack by utilizing its powerful global distributed scrubbing resources and leading protection technologies like AI to proactively analyze and defend against abnormal attack characteristics in real time. For more information about how CDNetworks defended against this 1.025 Tbps blockchain DDoS attack on the eve of ETF approval, read our blog post detailing the mitigation process. About CDNetworks As the APAC-leading network with over 2,800 global Points of Presence and more than 20 years of technology experience, CDNetworks embraces the new era of Edge and takes it to the next level by using the Edge as a service to deliver the fastest and most secure digital experiences to end users. Our diverse products and services include web performance, media delivery, cloud security, zero trust security, and colocation services – all of which are uniquely designed to spur business innovation. To learn more, visit cdnetworks.com and follow us on LinkedIn. Media ContactCDNetworks Co. Ltdmedia@cdnetworks.comwww.cdnetworks.com
#DDoS
請先登入後才能發佈新聞。
還不是會員嗎?立即 加入台灣產經新聞網會員 ,使用免費新聞發佈服務。 (服務項目) (投稿規範)
