In early July, VNETWORK effectively recorded and protected the server system against DDoS attacks with traffic up to 150Gbps, a relatively large number for small and medium-sized server systems, with limited defense technology.
Details of the DDoS attack
On July 7, VNIS - a comprehensive security platform for websites, applications, and APIs by VNETWORK recorded a DDoS attack with a traffic of up to 150Gbps targeting the server system took place. According to experts at VNETWORK Network Security and Response Center, the main purpose of this attack is to cause network congestion, making users unable to access resources stored on the system and leading to reputational and economic damage for enterprises.
Detailed of the DDoS attack recorded by VNIS platform on July 7
In fact, a network includes inbound and outbound traffic, taking advantage of this, hackers when performing attacks will send a lot of virtual requests that make the server busy processing junk information, leading to system overload. This situation lasts a long time, causing users to wait longer than usual to receive a response. More seriously, with large-traffic attacks as noted by the VNIS platform recently, some small server systems will have a high probability of “crashing”, making the website inaccessible and causing huge losses in opportunity and reputation for businesses.
According to information recorded from the system, although the attack via UDP protocol has a traffic of more than 50Gbps and TCP attacks up to hundreds of Gbps, no unfortunate damage occurred thanks to the timely and effective prevention from VNIS platform as well as VNETWORK’s leading team of experts.
How has VNIS platform responded to DDoS attacks?
In terms of infrastructure, VNIS platform is integrated and managed by VNETWORK leading CDNs in the world, capable of resisting large DDoS attacks, ensuring the website always works to the maximum even when being attacked, helping to maintain the user experience and safety for the unit. Currently, VNETWORK builds VNCDN system, including many PoP (Points of Presence) servers linked and located worldwide. VNCDN has more than 280 PoPs CDN globally, domestic bandwidth reaches nearly 9 Tbps, capacity to load more than 5,000,000 CCUs (simultaneous users), and process more than 8 billion requests per day. In addition, VNETWORK also has hundreds of servers located in Tier 3 Data Centers across Vietnam, ensuring that the system will successfully handle access to 99.9% of requests from customers.
The multi-CDN system helps ensure on-time for the website
In terms of technology, VNIS platform has been equipped with Multi WAF by VNETWORK, with many Cloud WAF clusters globally, ready to take advantage of the powerful cloud infrastructure to quickly isolate threats when website traffic spikes. In addition, VNIS also integrates the WAF network monitoring system (Scrubbing Center) to coordinate all activities of Cloud WAF clusters in many countries, helping the server system to be safe and operate stably against extremely large DDoS attacks (up to 2,600Tbps). Applying the development of AI artificial intelligence, VNETWORK has built an Intelligent Load Balancing System (AI Load Balancing) combined with a Real User Monitoring System (RUM) capable of detailed analysis of attack sources, reporting real user interactions with websites, automatically detecting the shortest path between server and user and routes traffic quickly.
Understanding the urgency and timeliness of cybersecurity, VNETWORK has built network Security Operation Centers (SOCs) with the spirit of readiness to operate in urgent situations to minimize losses. Currently, VNETWORK’s SOC system is present in Vietnam, Singapore, and many other countries, supporting enterprises to monitor and respond to cyber attacks immediately.
Orientation of VNIS in the future
DDoS attacks are becoming more sophisticated and difficult to recognize due to the strong development of AI artificial intelligence as well as 5G technology. To catch up with the trend and respond to the situation, VNETWORK has constantly researched and developed plans to bring the most optimal solutions to enterprises as follows:
VNETWORK has deployed a powerful infrastructure system including all hardware applying the latest technology using NVME disks to make read and write speeds up to 10 times faster than SSDs, helping VNIS security system increase the capacity to load an additional 100 million requests at layer 7, and 4Tbps at layer 3,4. Besides, VNETWORK has upgraded the CPU to the latest generation, with max 128 cores, to cope with large-scale attacks.
In the future, VNETWORK is researching and building a SIEM system with the ability to collect, synthesize and store optimal information, along with the ability to predict attacks and give immediate warnings when there are fluctuations. At the same time, VNETWORK also focuses on developing AI artificial intelligence technology to increase the ability to detect and prevent more sophisticated and complex attacks.