Your website is running naked, and hackers are attacking every day

01. Thousands of hacker attacks: are they real?

Every day when I get to work, I habitually open the website management backend and see a large number of DDoS (distributed denial-of-service) attack records. A perennial among network attacks, DDoS can hit multiple websites at the same time and quickly make your website inaccessible to users. It has a reputation for being "available at your fingertips, delivered to your door, and fatal in one blow".
For a personal site this is tolerable: the site is merely inaccessible. For a company website, whether you trade in services or products, daily trading volume will plummet, and the theft of data, technology, and products can directly endanger the company's operations.

In the course of intercepting these attacks, we found that the attackers are generally competitors of the website owner, or someone who is jealous of your website traffic and daily active IPs; as the saying goes, "There are many popular sites." The purpose of building a website is to make a profit, and with the traffic pool being what it is, attackers target the big traffic owners and profit from it. We will come back to this in the next section.
This is why DDoS attack figures have risen this year and why the method is increasingly used among hackers. In the first quarter of 2020, the number and quality of DDoS attacks increased significantly. Compared with the previous quarter, the number of attacks doubled, and compared with the first quarter of 2019 it increased by 80%.


At the same time, the biggest recent news is that the U.S. telecommunications network encountered a DDoS attack. The national network was almost paralyzed, and network access, phone calls, and text messages were unavailable.
This is also because, in a DDoS attack, the source IP address can be forged, which makes the attack very difficult to detect. The method has therefore become very hard to defend against, and even the official websites of governments and public institutions find it very difficult to avoid.

For example, in our backend we can see thousands of DDoS attacks in a single day. Of course, these are all kept out by our automatic defense system.


Recent DDoS attacks have mainly targeted medical organizations, payment services, and gaming and education platforms. A U.S. university platform website was attacked, with about 20 DDoS attacks in total, and its network server was paralyzed for at least a few hours.

Thailand's public welfare alliance website suffered a strong attack with traffic of 500G per second, which forced the platform website to shut down for 12 hours. The actual attack was ominous.
In March 2019, overseas Facebook sites also suffered DDoS attacks, and customers could not log in. There are also many DDoS attacks in China, increasingly against online education websites, college admission websites, platform websites promoted through Baidu search, board games, and BC service platforms.

02. Why was it attacked?

First of all, the hacker industry has a low barrier to entry and is quick to get into. Most black hat hackers are therefore self-taught, and when they want practice they choose personal websites, which have weak security. This is also why a website can be attacked even when its owner is a nobody.

According to statistics, junior hackers, that is, black hats who are hired to attack competitors, generally make money from DDoS attacks on websites and from data, with an average income of 10,000 yuan. Their target is often a company; it is simply the case we described earlier, in which your competitor hires a black hat to attack your website.

Simple diagram of hacker attack

Then there is a new generation of young people who think "hackers" are cool and want to prove themselves. In November 2018, a maliciously tampered short-video app appeared on a forum. After an investigation by the Internet police, the person responsible, Xiao Guo, turned out to be a college student in Benxi, Liaoning.

The tampering with the short-video app was not for profit in the first place. He shared the tampered "version" and the technical details of the tampering with netizens on the forum, and tens of thousands of fans at once called him a "great god". Money is not as important as fame, but when fame comes, money follows.


In addition, there are independent hackers who extort, make a fortune, and run. For example, the well-known B station (Bilibili) uploader "witty party girl" had material stolen and was even extorted because of system security issues. However, this kind of situation is still rare in China. Generally, the targets are high-profit gray-industry companies, which means the victims dare not report the case.

For example, a formerly famous DDoSer known as GL suddenly had an idea and turned to blackmail. One month after extorting 50w from a certain board game, GL completely disappeared from the Internet. Stories like this about getting rich, passed around in the market, are also one of the reasons young people flood into the hacker industry.

03. Major losses after hacking

A website that cannot be logged in to is the least of it. For example, in the earlier Nintendo incident, in which 2TB of files were leaked, ResetEra user Atheerios followed the incident closely and speculated that the hackers had attacked the servers of BroadOn, a company that worked with Nintendo.

The hackers obtained all the source code, data sheets, and design block diagrams of the Wii console, almost all of which were confidential company documents. This incident directly affected the layout of Nintendo’s games.


Recently, the cybersecurity platform Cyble revealed on Twitter that a hacker named THE0TIME had broken into the systems of Huiying Medical Technology (Beijing) Co., Ltd. (hereinafter referred to as "Huiyi Huiying"), and that the company's internal COVID-19 detection technology and data were being publicly sold on the dark web for 4 bitcoins (about 30,000 US dollars, or 210,000 yuan).

For the company, the loss is fatal. There is no telling how many illegal operations run on the dark web, or how many tricks the hacker community has. Previously, Mt.Gox, the world's largest bitcoin exchange, was responsible for more than 3/4 of the world's bitcoin transactions. In 2013, 850,000 bitcoins were stolen from this exchange, with a market value of US$460 million. In less than a year, the exchange declared bankruptcy. It is a perfect illustration of money coming and money going, all resting on the myth of a hacker's keyboard.


Whether a website is attacked or data is stolen, the common problem behind it is an insecure system. High-level hackers can easily attack Nintendo and steal from medical companies and Internet celebrities; they can even remotely control cars, turn hospitals into a killing "paradise" for hackers, tamper with key medical data, break into human implants, and so on.

All this information tells us how big the security crisis behind the system is. It is a matter of life and death. It is no wonder that "hackers" are often the gods in film and television dramas.

04. How to deal with hacker attacks

Earlier, it was said that Internet hackers attack Alibaba 300 million times a day, and Jack Ma confirmed this statement: "Alibaba is not, as everyone thinks, a company that has never been attacked. On the contrary, it is subjected to more than 300 million attacks worldwide every day. The attacks have never been interrupted. Whether it is day or night or a holiday, hackers never stop attacking. Just as everyone takes out their mobile phone every day, Alibaba has long been used to it."

Despite the attacks from all over the world, Jack Ma still feels that this is a good thing. It is something an ordinary technology company cannot do: it keeps you vigilant at all times and lets you continuously improve your technical level. Small and medium-sized enterprises are very afraid because they have no good protection. Jack Ma's apparent omnipotence comes down to nothing more than a strong technical team. There is even a popular saying in the industry: "A system that has not been DDoSed is ashamed to say that it is safe."


And how can we ensure system security?

For large enterprises, large groups, and small and medium-sized companies with sufficient funds, this can be achieved by purchasing Cloud Shield, purchasing SLB load balancing technical services, and building a server group. Such a company also has a CTO with a strong technical background, and a technical team responsible for operation and maintenance.

Regarding Cloud Shield, SLB load balancing, and server groups, I don't need to say more about these purchases, because such companies usually have a CTO with a technical background. In Alibaba's case, the reason it can handle 300 million attacks is the powerful DAMO Academy and technical team behind it.


If we talk only about websites, according to our current data a website is often hacked 21 times a day. Whether a hacker breaks into your internal systems depends only on his personal wishes: whether he thinks it is worth doing. It is a consensus that systems have loopholes and websites have loopholes.

But this comes down to how securely the website was built: is the certificate that should be there in place? Is the protection that should be there in place? This is why, when it comes to building a website, people offer the kindly advice, "If you don't have a strong technical expert, don't try to build a website yourself." After all, looks are secondary; security is the lifeblood, and whether the site runs normally depends entirely on the technical foundation and on operation and maintenance.

Technical configuration of different versions of Sumei
Cloud Enterprise Different Version Technical Configuration

For us, every Alibaba Cloud website product comes with five technologies to ensure website security: Alibaba Cloud Shield security service (antivirus, guarding against Trojan horses); SLB load balancing (request offloading, which increases the number of requests and responses the servers can handle and copes easily with a large number of requests); DDoS protection (during a massive traffic attack, an AI service automatically switches the server's DNS resolution with minute-level response, so that the site is not affected even by massive traffic attacks); an HTTPS certificate (to ensure that traffic is not maliciously monitored); and SQL injection attack verification, to ensure data security.

Of course, a company can also build these in-house, but only if it has a team with ample funds and a CTO. If you buy them, you can also buy them from Alibaba Cloud. But when building a website, SLB load balancing alone costs more than 1,000 a year, while buying a Supermax directly in the Aliyun website system costs only 500 yuan and includes a full set of security maintenance: no need to worry about it, just buy it and use it.


This is because these five technologies can completely avoid hacker DDoS attacks. When an attack comes, DDoS protection is fully activated. The AI intelligent protection is also our own unique development. Combined with deployment of the website on the Alibaba Cloud server group, the security is extremely high.

At the same time, we have a whole team of technicians who maintain the system and apply patches regularly. With this combination of automated measures and human maintenance, there is a 95% probability that a site will not be hacked, and we can even say that there is a 99% probability that it can be protected.

I hope that today's sharing will be helpful for your website's security. If you have questions about cloud computing and website building, you can send me a private message.


The pictures come from the Internet and will be deleted in case of infringement.


Origin blog.csdn.net/beike0078/article/details/107359433