Lieutenant General To An Xo, Chief of the Office of the Ministry of Public Security, said that the attack on VOV electronic newspaper (Voice of Vietnam), this is a high-tech crime attacking from abroad, very complicated and awkward. physical.
Hacker mobilizes an “army” to attack
Regarding the attack on the VOV online newspaper, talking to the newspaper, Lieutenant General To An Xo, Chief of the Office of the Ministry of Public Works, said that currently, the professional departments of the Ministry have stepped in and are conducting verification and investigation VOV electronic newspaper was attacked.
Lieutenant General said that in this case, the hackers used DdoS tactics, mobilized hundreds of thousands of machines to attack and overflow the bandwidth. “Objects mobilize the “army” to increase bandwidth, leading to network congestion, making it inaccessible to readers. Objects that attack continuously, if I don’t upgrade, I will lose,” said Lieutenant General To An Xo.
Cybersecurity expert Pham Thanh Binh – NB Company said that there are many methods to attack the computer network of any individual or organization, depending on the hacker’s purpose. use different attack methods.
There are a few common methods used by hackers such as, passive attack (Passive Attack), interception of network information. In this method, the attacker can consider the next actions, as a result, the information or data will fall into the hands of the attacker without the user’s knowledge.
Distributed attack, using software, malicious code on hardware or software for the purpose of unauthorized access to information or unauthorized access to functions on the system.
Insider attack, usually someone in the internal system, they will eavesdrop, steal or destroy information, use information fraudulently or illegally access information. Phishing attack, hackers will redirect users to fake websites and then steal user account information. Hijack attack, hacker will gain control of the conversation between you and other people.
In a password attack, the hacker breaks passwords stored in the database, using files containing potential passwords. Exploiting attack vulnerabilities, hackers will learn about security issues on the operating system and exploit their vulnerabilities.
According to Mr. Binh, hackers also attacked the general management and control system; denial of service attack, with this type of attack, hackers will access the network system and send unreasonable data to network applications or services, causing termination of this application or service; Man-in-the-middle-attack, the hacker will fake your identity to read your messages to gather more information; By attacking the key, the hacker will gain access to the communications to decrypt or modify the data.
Hackers can also use other methods such as direct attacks, eavesdropping, spoofing addresses, disabling system functions or attacking human factors, Mr. Binh said.
The objects of the attack were also on VOV’s Fanpage.
Plan deal, prevent
Meanwhile, the story of technology outsourcing Vu Huy Hoang assessed, VOV electronic newspaper was attacked by DDoS, a traditional attack method that hackers often use. The purpose of DDoS attack is to make a distributed denial of service, causing the collapse of an entire online server system. Currently, there are many types of DDoS attacks, the most common are 25 methods: NTP Flood, Fraggle Attack, SYN-ACK Flood, SYN-ACK Flood, ACK & PUSH ACK Flood, Fragmented ACK Flood, Spoofed Session Flood, UDP Flood , DNS Flood, VoIP Flood, SYN Flood, CHARGEN Flood, SSDP Flood, SSDP Flood, SNMP Flood, HTTP Flood, Recursive HTTP GET Flood, ICMP Flood, Misused Application Attack, IP Null Attack, Smurf Attack, LAND attack Ping of Death Attack , Slowloris, Low Orbit Ion Cannon, High Orbit Ion Cannon, ReDoS.
“Besides many DDoS attack methods, there are also many ways to prevent a DDoS attack. If you can determine the IP address of the computer performing the attack, you can create an ACL (management list). access control) in the firewall to block these IPs, even blocking the IP of an entire country in case of need.
In addition, we can also monitor traffic to detect small DDoS attacks that hackers still use to test the network’s capacity before attacking.
Therefore, for administrative solutions, users should buy more bandwidth, set up multiple servers and use balanced solutions,” said Mr. Hoang.
Previously, on the evening of June 12, the website of VOV.VN electronic newspaper began to be attacked. On June 13, it was attacked heavily, making readers unable to access it for many hours. From June 14, the newspaper continued to be attacked, readers accessed in a “sleepy” and unstable way. The attacks continued in the days that followed, but with less intensity.
However, to prevent high-tech criminals from attacking from abroad is very difficult and expensive. According to Mr. Hoang, a few other prevention methods can be mentioned such as optimizing website servers to receive more more visitors, set up IP anti-spoofing features in the firewall, block the router’s ICMP or hire a reputable DDoS protection service.