On December 11, Lorian Synaro, a suspected member of the hacker organization Anonymous, called on Twitter to launch a new round of attacks named "OpIcarus 2018 (OpIcarus 2.0)" on global central bank websites.
The OpIcarus attack was reportedly first launched in 2016. It mainly targets global financial institutions (banks) with continuous DDoS attacks, including TCP flood and UDP flood attacks, HTTP/HTTPS flood attacks, large numbers of HTTP POST requests, and exploits of SQL injection vulnerabilities in application systems.
Since the night of December 13, the HTTP and HTTPS online services of multiple banks in China have been plagued by attacks from addresses outside China. According to the data captured in this round of OpIcarus attacks, the attacks are hybrid attacks, which consist of NTP reflection amplification attacks and CC attacks on port 80 and port 443.
For the CC attacks on port 80 and port 443, carriers blocked attack traffic at international gateways, which effectively protected the links of the attacked financial customers. CC attack traffic at dozens of Mbps was further filtered out by carriers' devices on the MAN. However, more than 10 Mbps of CC attack traffic still reached the data centers of financial customers. As a result, the CPU usage of their web servers rose sharply, responses slowed down, and normal access by users in China was affected. According to the analysis of attack information, the CC attacks include SYN, ACK, RST, FIN, TCP connection, HTTP GET, and HTTPS application attacks (with key exchange packets). The attack sources are scattered widely across America, Canada, Brazil, Indonesia, Uruguay, Ecuador, Greece, Russia, South Africa, the Czech Republic, Thailand, Hong Kong, etc.
• Because the attack sources are mainly outside China, enable the geographical location-based filtering policy to block attack traffic from outside China.
• Because CDN acceleration is commonly used for financial services, use the whitelist function for CDN IP addresses so that strict defense policies do not affect normal services.
• Because financial services do not involve UDP traffic, limit the rate of UDP traffic to protect bandwidth.
• To defend against the various types of CC attacks: (1) enable the following session-layer defense policies: set the authentication mode for SYN flood attack defense to right-seq, check ACK, FIN, and RST sessions, and limit the rate of new and concurrent TCP sessions; (2) enable the following application-layer attack defense policies: enable HTTP 302 redirection and check HTTPS session integrity (most attacks do not establish complete SSL sessions).
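The order in which the recommendations above interact can be seen in a small model. This is an added example, not Huawei code or AntiDDoS device configuration: it covers only the CDN whitelist, location filter, UDP rate limit and new-session limit, and every address, country tag and threshold in it is a constructed assumption.

```python
import ipaddress
from collections import defaultdict, deque

# Constructed values (documentation address ranges, assumed limits).
CDN_WHITELIST = [ipaddress.ip_network("198.51.100.0/24")]
HOME_COUNTRY = "CN"
UDP_BYTES_PER_SEC = 1000      # aggregate UDP budget
NEW_SESSIONS_PER_SEC = 3      # per-source cap on new TCP sessions

class Scrubber:
    def __init__(self):
        self.udp = deque()                  # (ts, size) of accepted UDP packets
        self.syns = defaultdict(deque)      # src -> timestamps of accepted SYNs
    def decide(self, pkt):
        """Return the name of the policy that decided this packet's fate."""
        now, src = pkt["ts"], ipaddress.ip_address(pkt["src"])
        # 1. CDN whitelist is checked first so strict policies never hit CDN nodes.
        if any(src in net for net in CDN_WHITELIST):
            return "pass:cdn-whitelist"
        # 2. Location-based filtering for sources outside the home country.
        if pkt["country"] != HOME_COUNTRY:
            return "drop:geo-filter"
        # 3. UDP rate limit over a one-second sliding window.
        if pkt["proto"] == "udp":
            while self.udp and now - self.udp[0][0] >= 1.0:
                self.udp.popleft()
            if sum(size for _, size in self.udp) + pkt["size"] > UDP_BYTES_PER_SEC:
                return "drop:udp-rate-limit"
            self.udp.append((now, pkt["size"]))
            return "pass:udp-within-limit"
        # 4. Per-source limit on new TCP sessions (SYNs) per second.
        if pkt.get("flags") == "SYN":
            seen = self.syns[pkt["src"]]
            while seen and now - seen[0] >= 1.0:
                seen.popleft()
            if len(seen) >= NEW_SESSIONS_PER_SEC:
                return "drop:new-session-limit"
            seen.append(now)
        return "pass:default"

def run_sample():
    """Run constructed packets through the pipeline and return the verdicts."""
    pkts = [
        {"ts": 0.0, "src": "198.51.100.7", "country": "US", "proto": "tcp", "flags": "SYN"},
        {"ts": 0.1, "src": "203.0.113.9", "country": "BR", "proto": "tcp", "flags": "SYN"},
        {"ts": 0.2, "src": "192.0.2.10", "country": "CN", "proto": "udp", "size": 800},
        {"ts": 0.3, "src": "192.0.2.11", "country": "CN", "proto": "udp", "size": 800},
    ] + [{"ts": 0.4 + i / 10, "src": "192.0.2.20", "country": "CN", "proto": "tcp",
          "flags": "SYN"} for i in range(4)]
    return list(map(Scrubber().decide, pkts))
```

The first sample packet shows why the whitelist must precede the location filter: a CDN node outside the home country would otherwise be dropped along with the attack sources.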
In addition, the attack data shows that the rate of NTP attack traffic is less than 40 Gbps. According to statistics and analysis of previous Anonymous attack events, this hacker organization has usually used small-to-moderate attack traffic to cause panic in the financial manufacturing industry and thereby express its political propositions. In a large-scale attack that the organization launched against Turkey in 2015, the peak traffic rate was only 40+ Gbps. However, the data center bandwidth of financial enterprises in China is generally 20 Gbps or below, so an attack at 40 Gbps will have a strong impact on these enterprises.
To learn more about Huawei AntiDDoS products, please click: https://e.huawei.com/en/products/enterprise-networking/security/anti-ddos/8000