"Yi Jian Xing" was "Internet stormed". What countermeasures does the game company have other than "rather be broken jade"?

Tencent security 2022-06-24 05:28:43 阅读数:217


Three years of seclusion , Destroyed in DDoS The attack was fierce .

As a popular martial arts style multiplayer game ,《 Playing sword 》 The moment of official service opening , It was attacked wantonly by the hacker organization on the game server , Most players cannot enter the game , Then the server went down completely .

In the statement of developer Qingdu mutual entertainment , You can see that the signature is “ACCN” Hackers are just trying to 1 ten thousand 5 A thousand dollars of extortion income , It caused a devastating blow to the game belt , I have to make people feel sorry . Although Qingdu mutual entertainment firmly expressed that it would never give in , Return all recharges to the player and change the game to a stand-alone version , It is also difficult to recover the damage .

《 Playing sword 》 because DDoS Attack and offline , But also because of the public opinion and the attention of the players , Received a lot of support and encouragement . One side ,TapTap The platform side said that it would help solve the problem thoroughly , A large number of security manufacturers also actively communicate with developers , Hope to be able to 《 Playing sword 》 Provide solutions ; On the other hand , A large number of netizens use Weibo 、 Know how to initiate support , There is a wave of opposition in the game field DDOS Attack and blackmail 、 A wave of attacks against malicious hackers .

however ,《 Playing sword 》 It is not the first reason in the industry DDoS A game that goes down because of an attack , It will never be the last . So far , adopt DDoS Attack and extort profits from small and medium-sized game developers , A complete industrial chain has been formed , Almost all countries in the world . Infamous ACCN For example , Once attacked 《 From the knight 》《 Ancient Wars 》《 Humanoid awakening 》 etc. 20 The rest of the game ( Incomplete statistics ), And suffered DDoS The game makers of the attacks are numerous . The root of it , Or because the game industry is highly developed , Mature industrial chain , A large number of small and medium-sized developers can also quickly open the market with excellent ideas , And their defense against network attacks is basically zero , Therefore, it has become the target of malicious attacks .

According to Tencent's previously released 《2020 year DDoS Threat report 》 Show , Only in 2020 year , Cut in DDoS More attacks than 2019 It doubled in the same period of the year 、 Super large scale attacks are growing rapidly ; among No matter the number of attacks or the proportion of attacks in the game industry , All hit new highs , Become DDoS The hardest hit areas .

In terms of attack scale ,AWS and Google It has been announced that it has suffered more than 2Tbps The attack of , Officially declare DDoS The attack entered 2Tb Time .

Tencent security DDoS Technical director of protection 、 Luoxijun, R & D director, once said ,DDoS Rampant attacks can be seen from the attacker's perspective :

First , From the will 、 From the perspective of motivation , Last year, a sudden COVID-19 , It has brought great changes to people's way of life , Many activities have switched from offline to online , At the same time, it brings the rapid development of Internet services . Business is developing at a high speed , It will bring more opportunities to the attackers , Their profit margin is bigger ;

second , It's the ability of the attacker , Resources . In recent years IoT、5G Infrastructure is developing rapidly , meanwhile , Security issues will also arise , Such as weak password or some vulnerability problems , It's easy to get hacked , Make the device into “ chicken ”, Lead to DDoS attack ;

and , Now? DDoS There is also a tendency for attacks , It's the gradual instrumentalization of its attacks , Now it's called attack SaaS Service , It can lower the threshold for attackers . Imagine registering an account on a web page , Just click the mouse or call API The interface can launch an attack ;

Besides , The epidemic will also make attackers more motivated . Epidemic stimulates demand , Demand brings resources , Resources are in a continuous growth process , And the continuous growth of resources is strongly driven by motivation , So that attackers can make better use of resources . Sum up , Attack motivation and attack resources make 2020 year -2021 There's been a big increase in the trend of attacks in the past year .

that , As a startup , Facing such a dangerous environment , How to deal with it ?

Don't worry. , face DDoS An attack does not have to wait to be beaten , We have “ SanBanFu ”, It can help game entrepreneurs and even all those who provide online services to face DDoS Attack threat vendors succeed “ Cross robbery ”.

The first axe , Build the enterprise's own anti attack capability in a down-to-earth manner

It's like ordinary people have a cold , Maybe it's not all about taking medicine , But the body must first have a certain degree of resistance . Empathy , Business must first be in the process 、 Code development 、 Architecture and other aspects have a certain anti attack ability . The most basic thing is to have enough bandwidth space for protection , Not to be completely down under one attack ; The second is to seamlessly access security at the bottom of its own business , Do not affect business operation due to excessive security protection , Nor will the access of a security product completely change the business architecture and processes . Besides , Enterprises should also look at it from a larger perspective “ safety problem ”, You can't look at it in isolation DDoS When an attack comes, defend it DDoS attack , Instead, we should build a comprehensive network security 、 Identity security 、 Risk control 、 Anti plug in 、 Complete security capabilities such as information leakage prevention , Completely eliminate all possible hidden dangers of security threats .

The second axe , Go deep into the architecture level , Establish fast scheduling or hot switching capability

This is the problem of disaster recovery , It can also be called the ability to quickly restore business . As a game developer and publisher , The architecture must support distributed , When a network node has a problem, it will automatically switch , Automatically allow users to play fast games on another link . Even in DDoS The user is disconnected under the attack , It also allows users to quickly recover when reconnecting to the server , It can also achieve complete synchronization of data —— The publisher of the game itself , We should strengthen this capability in terms of architecture

The third axe , Seek professional help , Let professional people do professional things

When it really affects the survival and development of the enterprise , We still need to find a professional security service team to solve this problem . A lot of people say , Entrepreneurship is one thing “ High risk occupations ”, This is especially true in the game industry . Not only do we have to pay for manpower 、 Equipment expenditure , And the investment period is quite long . In the case of many games with zero promotion investment , The public praise from the public beta to the official release is very important . Once the start is bad , It is very likely that there will be no backhand .

meanwhile , There are a lot of young people in the game industry , The only costs they have are simply not enough to fight blackmailers for a long time —— This is why many game developers face DDoS Extortion of attack , Choose to pay tens of thousands of yuan in tears “ Ransom ” The core reason .

therefore , We strongly recommend that game developers , Consult a professional security service provider , Defend with professional partners DDoS Attacks and other potential security risks .

Tencent has long been 2006 Started in DDoS Research on Countermeasure Technology , And in 2010 It was officially launched in DDoS Defense system Aegis , Continued as QQ、 WeChat 、 Game for Peace 、 The Jedi survive 、 Glory of Kings 、 Professional and reliable DDoS Attack and defense solutions . In the era of industrial Internet , Tencent security has created a set of DDoS Attack detection and defense in one security product —— Tencent cloud DDoS Protection solutions , One stop solution for enterprises DDoS attack .

Trend against high traffic attacks , Tencent cloud DDoS Protection establishes corresponding capacity reserve , Has more than Tb Super large capacity and high protection node , Has successfully resisted for customers 1.23Tbps The largest known traffic attack in China , Currently in the game 、 Online retailers 、 Live broadcast and other industries are widely used , Helped Carrefour, an e-commerce giant, successfully resist large scale DDoS attack , Recognized by multiple industry head customers .

face DDoS Upgrade of attack technology , Tencent cloud DDoS Protection continuous iteration algorithm , adopt IP portrait 、 Behavior pattern analysis 、Cookie Challenge multidimensional algorithm , Combined with powerful AI Intelligent engine and multiple Threat Intelligence , Continuously update protection algorithm according to threat change , Effectively resist new security threats . On policy selection , Tencent cloud DDoS High flexibility in protection , Not only based on black and white list 、ACL、 Regular rule 、 Pattern matching and other strategies for cleaning and protection , Multiple sets of policy templates are also preset for users to choose , Ad hoc expert model , Fine grained protection policy adjustment , Second level detection from attack initiation to attack traffic cleaning is realized 、 Second response .

To meet the needs of many game manufacturers to develop overseas market , Tencent cloud DDoS The protection has established rich overseas nodes , take DDoS Protection capacity expanded to South Korea 、 Japan 、 The United States 、 Germany and other countries with intensive enterprises going to sea , Comprehensively guarantee the safe and smooth operation of enterprises' overseas business .

in the light of IPv6 and IPv4 The trend of long-term coexistence of , Tencent cloud DDoS Protection optimizes protection architecture and experience , Provide IPv4/IPv6 Double stack protection of , And support includes HTTPS All kinds of business layers from three to seven DDoS Protection scenario , Ensure smooth transition of users during architecture upgrade . Based on leading technology advantages , Tencent cloud DDoS Protection is difficult for the industry TCP Reflection 、CC attack 、 Business traffic replay 、 Scenarios such as connected attacks can be effectively defended .

Besides , Tencent cloud DDoS Protection also provides 7*24 Expert services , For enterprises in IPO、 New product release 、 Provide all-round professional guarantee for key links such as marketing promotion , Ensure business stability at critical times .

Actually , Entrepreneurship is like online games , On the one hand, it takes a lot of people to be powerful , On the other hand, we should have all kinds of occupations , And perform their respective duties , In order to successfully carry the big Boss, Harvest the spoils of war . that , Take the lead among the entrepreneurial partners T Our security company , Undoubtedly plays a vital role .

copyright:author[Tencent security],Please bring the original link to reprint, thank you. https://en.javamana.com/2022/175/20210811215558291z.html