Chinese TLD Hit by Major DDoS Attack

The domain servers of China’s .cn Top Level Domain (TLD) were hit with a major Distributed Denial of Service (DDoS) attack yesterday, disrupting a substantial part of Internet in China.

.cn-domainThe DDoS attack against the domain servers for .cn was the largest DDoS attack in history, according to the China Internet Network Information Center (CNNIC), the organization administering the TLD.

In a reaction, CNNIC said that the DDoS attack lasted for a couple of hours affecting a number of websites. CEO Matthew Prince of CloudFlare, a company that delivers web performance and security services for millions of websites, has told The Wall Street Journal that the company observed a 32% drop in internet traffic for the .cn domain during the attack. CNNIC stated on its website that the organization is working on enhancing its infrastructure to prevent major DDoS attacks like this happening again.

DDoS Attack Trends in APAC Region

Last week, DDoS Protection supplier Nexusguard released its DDoS trends report for the Asia-Pacific (APAC) region. The report covers findings from its own research in the APAC region in 2012 and proposes new technology that can protect organizations from increasingly sophisticated DDoS attacks.

In the report, Nexusguard states that no sector is safe. Banks, government organizations, private companies and non-profits were all targets of attack in 2012. Besides online commerce platforms being attacked for criminal reasons, government organizations would also often be targeted by ‘hacktivists’ for political or ideological reasons.

Large-scale attacks are relatively simple to detect and intercept, which is why attackers began developing more effective techniques: from web shell attacks to layer 4 attacks to layer 7 attacks. Even mobile devices are being used to launch attacks.

These new types of attacks are highly effective, according to the Nexusguard trends report. With cloud-based DDoS defense, organizations would now have tools that help them to proactively secure their networks and systems and stay one step ahead of attackers. Through big data analysis, users can analyze customer data, process historical records and real-time data, view website visitor data, authenticate identities, and report and monitor in real time.  The trends report closes with two predictions for DDoS trends in the APAC region. APIs need to be protected, whereas mobile DDoS botnets pose a new threat.

The full DDoS trends report can be downloaded at: http://www.nexusguard.com/research.htm

Furlow consulting