
Articles tagged with: cyberattaques

Google reveals largest DDoS attack in history

Posted on Thursday, 22 October 2020 in Archives Rezopole

On October 16th, the Google Cloud team revealed a DDoS attack that targeted the Google service in September 2017. Having reached 2.54 Tbps, this is the largest DDoS attack recorded to date.

Researchers at Google's Threat Analysis Group (TAG) claim that this attack came from China, as it originated from the networks of four Chinese Internet Service Providers (ASNs 4134, 4837, 58453 and 9394).


Google Cloud reliability and security engineer Damian Menscher says the spike was the "culmination of a six-month campaign" that used multiple attack methods to hammer Google's server infrastructure. "The attacker used multiple networks to spoof 167 Mp/s (millions of packets per second) from 180,000 exposed CLDAP, DNS and SMTP servers, which then sent us significant responses".


Google revealed the incident last week for various reasons: firstly, to raise awareness of the growing trend of state-sponsored attacker groups, but also to warn that DDoS attacks will intensify in the coming years as the bandwidth available on the Internet increases.





Source: ZDNet





Out-of-the-ordinary cyber-attack against SFR & Bouygues

Posted on Friday, 11 September 2020 in Archives Rezopole

The fixed Internet access service provided by SFR and Bouygues Telecom was unavailable for several hours last week: the DNS (Domain Name System) servers of several operators were affected. "The DNS servers are used by all companies. It's a bit like a telephone directory. They translate the domain name of a website into an IP address to talk to it. So they have a key role as gatekeepers. They are often among the Top 3 critical applications for ISPs," explains Ronan David, head of strategy at Efficient IP.


Most SFR and Bouygues Telecom customers were unable to connect last Tuesday because subscribers use their operator's DNS servers by default with its fixed Internet access service. They could, however, have reached other DNS servers by changing the network configuration of their box, because DNS servers are always ready to communicate with everyone. And this is their weakness. "Since they are by definition very open, they are also very vulnerable. They are therefore prime targets for hackers," says Ronan David.

This type of attack is common against ISPs, but SFR and Bouygues Telecom consider this one particularly virulent. According to the Dutch DDoS protection organization NBIP, the DDoS (distributed denial of service) attack also affected other ISPs in Belgium and the Netherlands. It recorded volumetric peaks of nearly 300 Gbit/s, a level well above the average. Ronan David confirms, "The volume of 89% of DDoS DNS attacks is below 50 Gbit/s. Here, it was up to 300 Gbit/s, six times more than usual. This is completely atypical."


This was a reflection attack, for example. "In the case of a DDoS type DNS attack by amplification, there is one target, the DNS server, and then there is reflection, which means that other DNS servers are used to amplify the attacks and overwhelm the target server with requests so that it is no longer available," explains Ronan David.

Were other ISPs' DNS servers used to amplify the attack? Were SFR and Bouygues Telecom specifically targeted, or was their outage collateral damage from a larger operation? It remains a mystery, but this prospect would be daunting for all operators.


Another enigma remains to be solved: who are the attackers? Several hypotheses can be put forward. It could be a rogue gang... Unless the objective was political: to test communications and bring down an Internet gateway. In this case, it could be hostile foreign powers.





Source: 01net





Real-time global Internet traffic!

Posted on Thursday, 07 November 2019 in Archives Rezopole

With global traffic expanding rapidly, the Internet is constantly evolving. But analyzing these data transfers in their entirety is a real challenge for researchers, even though such information could help them create a more efficient network, prevent failures and improve defenses against cyber attacks.


Using a supercomputer, a team of researchers from the Massachusetts Institute of Technology (MIT) recently succeeded in creating a tool to analyze global Internet traffic. Since 2015, they have analyzed nearly 50 billion data packets collected in Japan and California.
To do this, they first had to process this "hyper-deep" data with a technique called Dynamic Distributed Dimensional Data Model (D4M). Then, in a second step, they created a neural network to analyze the data and find relationships.


The researchers likened the results to a measure of Internet background noise. This makes it possible to detect anomalies and obtain information on file sharing, malicious IP addresses and spam, the distribution of attacks, and traffic congestion.






Source: Futura Tech




