Although DDoS attacks have been developed and used for a long time, they are still the most dangerous threat to enterprise websites and applications, and they bring serious consequences when they happen. How to build DDoS Mitigation processes and methods into the system is always the top concern of businesses today.
In recent years, DDoS attacks (denial-of-service attacks) have surged in both quality and quantity. DDoS attacks take place with enormous scale and unbelievable sophistication, and hacker groups are constantly improving and evolving so that they can bring down systems in the shortest time. Instead of continuing with long, continuous attacks, recent large-scale DDoS campaigns have become shorter and many times more "brutal".
DDoS attack campaigns are getting much worse
According to research released in October 2021 by one of the world's leading network security research centers, the general trend is for DDoS attack campaigns to gradually decrease in duration and in the frequency between attacks during the campaign, but the power of the attacks has been greatly enhanced by cybercriminals, with the ability to crash a system in just a few minutes.
The typical denial-of-service attack that went on for hours or even days now belongs in the history books. The average duration of more than 99% of DDoS attacks taking place in 2021 was determined to be 6.1 minutes.
The new trending DDoS campaigns are brutal and much worse
Meanwhile, the number of attack campaigns and the intensity of attacks within a campaign have increased worryingly. According to the latest research on the security situation in the first 2 quarters of 2021, there were about 5,591 DDoS attack campaigns worldwide, with the ability to generate more than 261 billion packets.
The highest bandwidth recorded in the attack campaigns reached over 400Gbps, far beyond traditional boundaries. Even the lightest attack campaigns were recorded reaching close to 263Gbps. Specifically, at 2 PM on September 19, 2021, VNETWORK also stopped a huge DDoS attack campaign with a scale of nearly 350Gbps targeting our customer's server system. The campaign was divided into 3 consecutive attacks of 10 minutes per wave, and it was detected early by the VNIS system thanks to the surveillance system from the SOC department. Besides, VNETWORK has implemented a mechanism to hide the IP of the origin server system for customers. There is also a Multi CDN network linking global CDNs to help reduce DDoS load (DDoS Mitigation), with a capacity that can reach 2600Tbps.
Improved DDoS Mitigation measures have led to the evolution of DDoS attack methods by hackers
Attackers are always looking for the most effective and profitable ways to infiltrate enterprise servers. As DDoS Mitigation solutions for reducing denial-of-service attacks have been continuously upgraded, cybercriminals have switched to short attacks with many times higher intensity. Organizations operating on digital platforms need to prepare suitable DDoS Mitigation measures against this threat.
The attacks are short-lived but cause heavy damage, which worries businesses. Cybersecurity experts assess this shift as a clear attempt by hackers to overcome the limitations inherent in the popular DDoS Mitigation solutions that businesses regularly use to protect their systems.
Many security service providers that offer DDoS Mitigation solutions usually commit to a response time (SLA) in the range of 15 minutes to 1 hour when there is an attack or problem on the system. This means that the entire attack campaign is completed (in just 6.1 minutes) before the DDoS Mitigation solutions are used. And by this time, the most important data or even the source code of your business is being publicly sold on forums and online groups of hackers.
The upgrade of DDoS Mitigation solutions has led to a change in the approach of hackers when attacking
By using short bursts of brute force attacks that take place before security measures respond and stop them, groups of hackers can continuously return and continue attacking the target system until their blackmail or deeper purposes are satisfied. When it was first used, this attack method overwhelmed security and network security teams with its cunning.
With its remarkable success compared to traditional attack methods, this approach has become a common trend: hacker groups launch the first attacks as a "warning shot" to cause panic at the target, then send an extortion demand requesting payment in exchange for not continuing the attacks on the enterprise's origin server system.
But the actual story is not so rosy and easy. The truth is that when a business has agreed to pay a ransom to a group of hackers to stop the attacks, it has no way to make them commit not to carry out blackmail attacks on its system again.
And there are many real-life cases where cybercriminals "break their promises": after receiving the ransom, they come back to attack with a much higher payment request. Simply put, when your business can pay once, it means your business is ready to pay many more times. There is no reason for attack groups to ignore such easy and delicious prey.
More seriously, attackers who understand the technology and the inherent weaknesses of DDoS Mitigation solutions can completely distract the security team during the penetration process while the real threat is waiting at the door.
A new-style DDoS attack campaign that targets an organization whose systems use only simple or outdated DDoS Mitigation methods can easily and surreptitiously gain access to the enterprise's origin server system while staying below the detection threshold of the security solutions on the system, until it reaches enough capacity to overload and completely knock down the firewall and security measures on that system. Once this process succeeds, hackers have the perfect opportunity to steal data, install malicious code or even penetrate deeper into the internal network to steal sensitive data.
An effective DDoS Mitigation solution for businesses in the current worrying situation
Regardless of the exact motives of cybercriminals for changing their attack patterns, the most important thing right now for organizations operating in cyberspace is to change their methods of mitigating DDoS attacks on their systems. Conventional DDoS Mitigation solutions rely entirely on enhanced connections, which are no longer effective when these connections are completely overwhelmed from the first seconds of the attack.
At VNETWORK, our team of programmers, with many years of experience, has built and developed the VNIS security system, which can comprehensively protect the enterprise's origin server system against the current trend of DDoS attacks.
VNIS is a comprehensive security tool for enterprise website and application systems with the ability to hide the IP of the origin server. A network of high-end CDNs from leading regional and international CDN providers such as CloudFlare, Akamai, VNCDN,... combines to form a huge Multi CDN system that "carries" almost all request queries to the origin server, providing stable operation for the website system even during an attack.
Along with that is the Cloud WAF firewall, with special power in filtering and blocking all attack traffic and not allowing it to gain access to the origin server. It provides secure protection for layers 3, 4 and 7 on the origin server against DDoS attacks and other malicious agents in the network environment.
Combining the power of more than 2,300 PoP servers located globally, with attack load capacity of up to 2,600 Tbps, and the new-technology Cloud WAF system with AI integrated on the load balancer, the system creates a comprehensive protection solution for the website against all existing risks in cyberspace, from security holes to DDoS attacks, Botnet, Crawler,...
In addition, to address the exponentially increasing demand for secure transmission among enterprises after the COVID-19 pandemic, VNETWORK has continuously developed and launched solutions for transmission and system security with the latest technologies to best serve our partners operating on the digital platform:
VNCDN - Solution for content transmission and website acceleration by CDN (Content Delivery Network) technology with the ability to receive nearly 3 million simultaneous user visits to the system.
VNIS - A comprehensive security solution for enterprise website systems, controlling and preventing security holes and malicious data collectors. With a global CDN bandwidth of up to 2600Tbps along with the ability to integrate global CDN providers into a giant Multi-CDN system, it helps to optimize the transmission performance of the website system while helping to fight traffic attacks (DDoS, DoS) effectively.