AWS |
AWS Database Blog |
Introducing Amazon ElastiCache support for AWS Outposts |
https://aws.amazon.com/blogs/database/introducing-aws-outposts-support-to-amazon-elasticache/
|
Introducing Amazon ElastiCache support for AWS Outposts. AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any data center, co-location space, or on-premises facility for a truly consistent hybrid experience. It's designed to meet the needs of customers who have workloads with low latency, local data processing, or data residency requirements. The Outposts … |
2020-10-16 17:21:11 |
AWS |
AWS Government, Education, and Nonprofits Blog |
California using open source solutions and the cloud to create a model of models |
https://aws.amazon.com/blogs/publicsector/california-using-open-source-solutions-cloud-create-model-of-models/
|
California using open source solutions and the cloud to create a model of models. Governments, like the state government of California, are in the midst of a transition to a new way of delivering vital information, services, and programs using technology and the cloud. Government organizations are adopting approaches pioneered in the technology industry, including user-centered design, agile development, data science, modular contracting, and the use of modern technology platforms. Many of these governments, like the state of California, are using Amazon Web Services (AWS) to respond quickly and scale to battle unprecedented challenges like COVID and help them quickly make decisions about how to protect their constituents. |
2020-10-16 17:23:05 |
Google |
Official Google Blog |
How we're tackling evolving online threats |
http://feedproxy.google.com/~r/blogspot/MKuf/~3/5L2aSnCfBW8/
|
How we're tackling evolving online threats

Major events like elections and COVID present opportunities for threat actors, and Google's Threat Analysis Group (TAG) is working to thwart these threats and protect our products and the people using them. As we head into the U.S. election, we wanted to share an update on what we're seeing and how threat actors are changing their tactics.

What we're seeing around the U.S. elections

In June, we announced that we saw phishing attempts against the personal email accounts of staffers on the Biden and Trump campaigns by Chinese and Iranian APTs (Advanced Persistent Threats), respectively. We haven't seen any evidence of such attempts being successful. The Iranian attacker group APT and the Chinese attacker group APT targeted campaign staffers' personal emails with credential phishing emails and emails containing tracking links. As part of our wider tracking of APT activity, we've also seen them deploy targeted malware campaigns. One APT campaign was based on emailing links that would ultimately download malware hosted on GitHub. The malware was a python-based implant using Dropbox for command and control. It would allow the attacker to upload and download files as well as execute arbitrary commands. Every malicious piece of this attack was hosted on legitimate services, making it harder for defenders to rely on network signals for detection. In one example, attackers impersonated McAfee. The targets would be prompted to install a legitimate version of McAfee anti-virus software from GitHub, while malware was simultaneously silently installed to the system.

[Figure: Example prompt from an APT campaign impersonating McAfee]

When we detect that a user is the target of a government-backed attack, we send them a prominent warning. In these cases, we also shared our findings with the campaigns and the Federal Bureau of Investigation. This targeting is consistent with what others have subsequently reported.

[Figure: Number of “government-backed attacker” warnings sent in]

Overall, we've seen increased attention on the threats posed by APTs in the context of the U.S. election. U.S. government agencies have warned about different threat actors, and we've worked closely with those agencies and others in the tech industry to share leads and intelligence about what we're seeing across the ecosystem. This has resulted in action on our platforms, as well as others. Shortly after the U.S. Treasury sanctioned Ukrainian Parliament member Andrii Derkach for attempting to influence the U.S. electoral process, we removed Google accounts that were linked to him.

Coordinated influence operations

We've been sharing actions against coordinated influence operations in our quarterly TAG bulletin (check out our Q, Q and Q updates). To date, TAG has not identified any significant coordinated influence campaigns targeting, or attempting to influence, U.S. voters on our platforms. Since last summer, TAG has tracked a large spam network linked to China attempting to run an influence operation, primarily on YouTube. This network has a presence across multiple platforms, and acts by primarily acquiring or hijacking existing accounts and posting spammy content in Mandarin such as videos of animals, music, food, plants, sports, and games. A small fraction of these spam channels will then post videos about current events. Such videos frequently feature clumsy translations and computer-generated voices. Researchers at Graphika and FireEye have detailed how this network behaves, including its shift from posting content in Mandarin about issues related to Hong Kong and China's response to COVID, to including a small subset of content in English and Mandarin about current events in the U.S. (such as protests around racial justice, the wildfires on the West Coast, and the U.S. response to COVID). We've taken an aggressive approach to identifying and removing content from this network: for example, in Q alone, our Trust and Safety teams terminated more than YouTube channels. As a result, this network hasn't been able to build an audience. Most of the videos we identify have fewer than views, and most of these views appear to come from related spam accounts rather than actual users. So while this network has posted frequently, the majority of this content is spam and we haven't seen it effectively reach an actual audience on YouTube. We've shared our findings on this network in our Q and Q TAG bulletins and will continue to update there.

[Figure: Examples of YouTube videos removed]

New COVID targets

As the course of the COVID pandemic evolves, we've seen threat actors evolve their tactics as well. In previous posts, we discussed targeting of health organizations as well as attacker efforts to impersonate the World Health Organization. This summer, we and others observed threat actors from China, Russia and Iran targeting pharmaceutical companies and researchers involved in vaccine development efforts. In September, we started to see multiple North Korea groups shifting their targeting towards COVID researchers and pharmaceutical companies, including those based in South Korea. One campaign used URL shorteners and impersonated the target's webmail portal in an attempt to harvest email credentials. In a separate campaign, attackers posed as recruiting professionals to lure targets into downloading malware.

[Figure: Spoofed Outlook login panel used by North Korean attackers attempting to harvest credentials]

Tackling DDoS attacks as an industry

In the threat actor toolkit, different types of attacks are used for different purposes: phishing campaigns can be used like a scalpel, targeting specific groups or individuals with personalized lures that are more likely to trick them into taking action (like clicking on a malware link), while DDoS attacks are more like a hatchet, disrupting or blocking a site or a service entirely. While it's less common to see DDoS attacks rather than phishing or hacking campaigns coming from government-backed threat groups, we've seen bigger players increase their capabilities in launching large-scale attacks in recent years. For example, in our Security Reliability Engineering team measured a record-breaking UDP amplification attack sourced out of several Chinese ISPs ASNs and which remains the largest bandwidth attack of which we are aware. Addressing state-sponsored DDoS attacks requires a coordinated response from the internet community, and we work with others to identify and dismantle infrastructure used to conduct attacks. Going forward, we'll also use this blog to report attribution and activity we see in this space from state-backed actors when we can do so with a high degree of confidence and in a way that doesn't disclose information to malicious actors. |
2020-10-16 17:30:00 |
python |
New posts tagged Python - Qiita |
Julia Quick Reference Notes [07] try, catch, finally |
https://qiita.com/ttabata/items/1d6fe990526c99b65b5f
|
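Julia Quick Reference Notes: try, catch, finally. Syntax of try/catch/finally. Example (note): try, main processing; catch, exception handling; end. Example using finally: try, exception handling; catch, exception handling; finally, final processing; end. Explanation: catch and finally are optional. |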
2020-10-17 02:43:57 |
Program |
New questions for [All tags] | teratail |
How web pages generated through API communication work |
https://teratail.com/questions/298525?rss=all
|
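How web pages generated through API communication work. What I want to ask: when communicating with the backend in Web API form, how does the screen get displayed? My understanding is that there are the following patterns for displaying a browser or web application screen. |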
2020-10-17 02:21:00 |
Tech blog |
Developers.IO |
[Presentation materials] Building an online ordering service with a serverless architecture – AWS Community Day Online |
https://dev.classmethod.jp/articles/aws-community-day-online-2020-serverless/
|
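[Presentation materials] Building an online ordering service with a serverless architecture, AWS Community Day Online. Hello, haha. I'm Kim Taewoo from the Classmethod consulting department. In Tokyo the temperature suddenly dropped starting today, so I went outside in short sleeves and shorts, found it too cold, and quickly went back home, haha. It's the change of seasons, but |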
2020-10-16 17:21:18 |
Overseas TECH |
Ars Technica |
Twitter abruptly changes hacked-materials policy after blocking Biden story |
https://arstechnica.com/?p=1715341
|
biden |
2020-10-16 17:01:02 |
Overseas TECH |
DEV Community |
Responses to AMA as Lead Product Designer at Forem |
https://dev.to/devteam/responses-to-ama-as-lead-product-designer-at-forem-5b93
|
Responses to AMA as Lead Product Designer at Forem

Hey everyone. The other day I posted this AMA post to get some questions to go over in our Twitch livestream.

[Embedded post: I'm Lisa Sy, a Product Designer at DEV/Forem, AMA. Lisa Sy (she/her)・Oct・min read. #ama #meta #design #hacktoberfest]

You can watch the recording here on YouTube, but if you want to read through some of the AMA responses, I wrote this handy post for you.

Sung M Kim (Oct): Hi Lisa, thank you for the AMA. What is a Product Designer role and how does it work? I'd love to hear what the day-to-day would be like as one.

A product designer defines and creates the user and product experience to give value to people or an organization. A product designer helps the team envision what that value could look like by gathering context on why we want to provide this value (informed by user research & data, business needs), generating ideas on how we could do this (ideating, brainstorming, generating design ideas), and then working with the team of engineers and PMs to make it real (polishing and shipping). But it doesn't end there, because a product designer is concerned with if their solution provides value; they'll care about measuring their impact of their work. They'll also rely on a healthy dose of research and data to inform their work. Typically, a product designer isn't expected to know front-end development, but because Forem is pretty small, our design team (just the of us) both do that here. The benefit of knowing how to code is that it helps us collaborate with engineers and developers better.

Ben Halpern (Oct): Can you tell us about your journey to get here as a designer for Forem? What professional/personal experiences influenced you most along the way?

My childhood consisted of Geocities, AIM chat rooms, Neopets, Xanga, Myspace, and internet forums, as well an obsession with drawing and the visual arts (DeviantArts, anyone?). When I entered university, I had no idea what career path I would pursue, but I thought I could never pursue anything creative because it would be impractical. I didn't want to be a starving artist. Long story short, I really hated my Econ class but would spend my free time learning Photoshop off of tutorials like these and making graphic design flyers for my friends' theater shows and bands. Those graphic design flyers led to learning web design and making Wordpress themes. Around this time, I began to learn more about what UI and UX design was and studied that. Eventually, I worked on my first opportunity as a product designer in with peter and ben on Texts.com. That eventually led me to work at thoughtbot and Facebook, as well as freelancing, before I ended up full circle at Forem with Peter, Ben, jess and the rest of the team. When I joined Forem, I knew I found the right opportunity I was looking for at this time in my career. Spending time in large corporations made me miss working in a smaller environment where I could try more things with fewer risks. Working at thoughtbot taught me that I definitely appreciate doing front-end while I'm designing, because if I code my designs, I don't have to make as many specs for engineers :P. Working at Facebook taught me about how rewarding and challenging it is to design communities at scale. Freelancing with startups helped me learn that I wanted more agency and coverage in my role and work.

Gracie Gregory (she/her) (Oct): Throwing it back to DevDiscuss Season One with my question: What are some of your absolute favorite design tools? Or just web tools in general? Lucky to have you here at Forem, Lisa.

Here are a few things I use a lot:
Figma for screen designing, creating diagrams and user journeys, collaborating, and prototyping
Paper & pencil for planning out wireframes & sketches
Loom for video and screen recording
Any word document tool for writing out a project brief, a user research script, and the endless possibilities. We use Google Docs at Forem.

Stiv Marcano (Oct): Hi Lisa, thanks for the AMA. What is your educational background as a product designer? Do you think it's possible to make the move from developer to product designer? What are some key skills you think you need for your role?

Do you think it's possible to make the move from developer to product designer? Yes, I've seen it happen often with devs with an eye towards design and want more agency and confidence in building something from scratch. When they could come to me and ask advice on how to make the transition, I tell them that if they're currently in a developer role at their company, they should try to work more closely with their designers and even take on small design tasks when they can. If you can gradually improve your design skills at work or with people where you have some support, it will feel much more encouraging along the way.

What are some key skills you think you need for your role? Here are a few ones:
Fundamental art principles (color, typography)
Communication
Knowledge of UX fundamentals and web design
Appetite for user research and data
It could differ based on what specialty of design you want to focus on: are you more of a visual designer, or will you care more about building design systems?

shaijut (Oct): What steps a software developer should take to become a creative UI designer?

Start to analyze why something works well and why. Take notes. Visual design is all about acquiring taste. Ira Glass talks about the gap. Collect as many visuals that inspire or move you, almost like an archive of inspiration for you. I'd keep these in my Tumblr, Pinterest, Dribbble and re-visit them whenever I needed some inspiration. Take screenshots of Apple products and re-draw everything from scratch using Figma. You can do this for any apps you think are well designed. This will help you close the gap and force you to pay attention to small details.

I hope this was all helpful. Reach out to me if you have any questions, and follow DEV on Twitch to be notified when we start streaming in the future. |
2020-10-16 17:47:23 |
Overseas TECH |
DEV Community |
Week 3: Forem Hacktoberfest Twitch Events Recap |
https://dev.to/devteam/week-3-forem-hacktoberfest-twitch-events-recap-4dkd
|
Week 3: Forem Hacktoberfest Twitch Events Recap

This week the Forem team hosted four streams on Twitch during Hacktoberfest. Here is a recap of what we discussed.

Tuesday, Oct th: Gratitude Stream
Nick Taylor and I gave shoutouts to DEV community members who contributed to Forem last week. We had over PRs merged from different folks.

[Embedded post: Hacktoberfest Week Three, Thank you to our Contributors on Forem. Christina Gorton・Oct・min read. #opensource #gratitude #meta #hacktoberfest]

Tuesday, Oct th: Liquid Tags talk with Arit Amana, hosted by Raise.dev
Nick Taylor and I were joined by Arit Amana on the raise.dev Hacktoberfest Helpdesk to talk about Liquid Tags. Arit shared how we use them at Forem and what bugs she has found and fixed while working with them.

Wednesday, Oct th: Walkthrough Wednesday
Nick Taylor and I were joined by special guest Lisa Sy, the Product Designer at DEV/Forem. Lisa answered questions from folks on DEV and shared a lot of great information about working as a product designer and her design process. Check out Lisa's post to read answers to the questions from her AMA.

[Embedded post: Responses to AMA as Lead Product Designer at Forem. Lisa Sy (she/her)・Oct・min read. #ama #meta #design #hacktoberfest]

Thursday, Oct th: Pair Programming with Rachael
DEV community member and Twitch streamer Rachael Wright-Munn joined us on the stream to enhance the recent work she did on creating the Twitch liquid tag.

[Embedded pull request: Add twitch liquid tags. ChaelCodes posted on Oct. What type of PR is this? (check all applicable): Refactor, [x] Feature, Bug Fix, Optimization, Documentation Update. Description. Related Tickets & Documents: resolves; Twitch Documentation on Embeds; Dev.To docs on Liquid Tags. QA Instructions, Screenshots, Recordings: Please replace this line with instructions on how to test your changes, as well as any relevant images for UI changes. Added tests? [x] yes; no, because they aren't needed; no, because I need help. Added to documentation? docs.forem.com; readme; no documentation needed. View on GitHub]

Thanks to all our viewers who joined the streams and chatted with us this week. We look forward to seeing you again next when we are joined by Forem team member Vaidehi Joshi to talk about what she does as a software engineer at Forem working with the backend and answering your questions.

[Embedded event: Walkthrough Wednesday with Vaidehi Joshi. Wednesday, Oct st at pm EDT. Nick Taylor and Christina Gorton will host an AMA with Vaidehi Joshi and talk about Forem's backend architecture and open issues. #hacktoberfest #opensource #meta #events・The DEV Team]

We will also be joined by community member Marie Antons, who will be pairing with Nick on this open issue.

[Embedded event: Twitch Liquid Tags Pair Programming with Marie Anton. Thursday, Oct nd at pm EDT. Nick Taylor and Christina Gorton are joined by DEV community member Marie Anton. Marie and Nick will pair program on an open liquid tags issue. #hacktoberfest #opensource #meta #events・The DEV Team]

Keep an eye on ThePracticalDev Twitch channel for our streaming schedule.

P.S. If you're curious about the open Forem issues you can contribute to, check out this post.

[Embedded post: Contribute to Forem this Hacktoberfest. Christina Gorton・Oct・min read. #opensource #meta #hacktoberfest #contributorswanted]

P.P.S. Want a refresher on some Hacktoberfest rules, tips, and advice from DEV? Don't miss this post.

[Embedded post: Happy Hacktoberfest. Jess Lee (she/her)・Oct・min read. #hacktoberfest #opensource #meta #contributorswanted] |
2020-10-16 17:29:55 |
Apple |
AppleInsider - Frontpage News |
Apple begins taking pre-orders for iPhone 12 and iPhone 12 Pro |
https://appleinsider.com/articles/20/10/16/apple-begins-taking-pre-orders-for-iphone-12-and-iphone-12-pro
|
Apple begins taking pre-orders for iPhone 12 and iPhone 12 Pro. The first two models of Apple's new iPhone 12 range have now started pre-orders, with shipping due to start from October. [Image caption: Apple's iPhone 12 Pro is one of the first models to be available for pre-order] Apple's splitting of pre-orders for the iPhone 12 range into two separate dates has begun with the iPhone 12 and iPhone 12 Pro. Both are now available for ordering, and at least the initial buyers will get their phones in one week's time, on October. Read more |
2020-10-16 17:14:30 |
Overseas TECH |
Engadget |
Geologie is changing the face of men’s skincare |
https://www.engadget.com/geologie-mens-skincare-175548263.html
|
Geologie is changing the face of men's skincare. You're a man. And without wading too deep into a sea of stereotypes surrounding machismo and testosterone-driven bravado, we're going to take a leap and guess that the last thing you want to think about is your skincare routine, if you even have one. |
2020-10-16 17:55:48 |
Overseas Science |
NYT > Science |
Remdesivir Fails to Prevent Covid-19 Deaths in Huge Trial |
https://www.nytimes.com/2020/10/15/health/coronavirus-remdesivir-who.html
|
trialcritics |
2020-10-16 17:28:02 |
Overseas TECH |
WIRED |
The iPhone 12 Is a Smartphone Made for Our Terrible Times |
https://www.wired.com/story/the-iphone-12-is-a-smartphone-made-for-our-terrible-times
|
terrible |
2020-10-16 17:47:07 |
Overseas News |
Japan Times latest articles |
LGBT groups in Japan launch petition seeking equality law |
https://www.japantimes.co.jp/news/2020/10/16/national/social-issues/lgbt-groups-equality-law/
|
attention |
2020-10-17 02:58:57 |
Overseas News |
Japan Times latest articles |
In first foreign trip, Suga faces test of diplomacy — and resolve on China |
https://www.japantimes.co.jp/news/2020/10/16/national/politics-diplomacy/suga-vietnam-indonesia-china-diplomacy/
|
In first foreign trip, Suga faces test of diplomacy, and resolve on China. Many are keen to see how Japan's new leader will embody his vision for diplomacy in one of the world's most critical geopolitical arenas. |
2020-10-17 03:44:21 |
Overseas News |
Japan Times latest articles |
Tokyo theme park Yomiuriland becomes new office for teleworkers |
https://www.japantimes.co.jp/news/2020/10/16/business/corporate-business/japan-yomiuriland-theme-park-teleworkers/
|
ferris |
2020-10-17 02:16:50 |
Overseas News |
Japan Times latest articles |
SoftBank’s Masayoshi Son reportedly brokering a Grab-Gojek truce |
https://www.japantimes.co.jp/news/2020/10/16/business/corporate-business/softbank-masayoshi-son-grab-gojek/
|
indonesia |
2020-10-17 02:14:30 |
Overseas News |
Japan Times latest articles |
Japan Post closer to scrapping Saturday mail deliveries |
https://www.japantimes.co.jp/news/2020/10/16/business/corporate-business/japan-post-saturday-mail/
|
deliveries |
2020-10-17 02:04:07 |
Overseas News |
Japan Times latest articles |
Human rights group pushes IOC on Beijing Games |
https://www.japantimes.co.jp/sports/2020/10/16/olympics/human-rights-group-pushes-ioc-beijing-games/
|
groups |
2020-10-17 03:55:48 |
Overseas News |
Japan Times latest articles |
Doha to host single-leg Asian Champions League final |
https://www.japantimes.co.jp/sports/2020/10/16/soccer/doha-host-single-leg-asian-champions-league-final/
|
asian |
2020-10-17 03:44:05 |
Overseas News |
Japan Times latest articles |
UEFA president says fewer hosts for Euro 2020 an option |
https://www.japantimes.co.jp/sports/2020/10/16/soccer/uefa-president-says-fewer-hosts-euro-2020-option/
|
coronavirus |
2020-10-17 03:05:26 |
Overseas News |
Japan Times latest articles |
BLM Tokyo continues the conversation on race with webinar series |
https://www.japantimes.co.jp/community/2020/10/16/issues/blm-tokyo-webinar-series/
|
BLM Tokyo continues the conversation on race with webinar series. Speakers Jamie Smith and Eric L. Robinson will participate in BLM Tokyo's online series that provides information on racial inequality and systemic injustice. |
2020-10-17 03:27:53 |
News |
BBC News - Home |
Covid: PM warns he may 'need to intervene' on Manchester |
https://www.bbc.co.uk/news/uk-54575891
|
leaders |
2020-10-16 17:34:48 |
News |
BBC News - Home |
Brexit: Trade talks with the EU are over, says No 10 |
https://www.bbc.co.uk/news/uk-politics-54566897
|
downing |
2020-10-16 17:13:08 |
News |
BBC News - Home |
Coronavirus infections still rising rapidly |
https://www.bbc.co.uk/news/health-54567867
|
coronavirus |
2020-10-16 17:49:03 |
News |
BBC News - Home |
Terror inquiry after stabbing near Paris |
https://www.bbc.co.uk/news/world-europe-54573356
|
muhammad |
2020-10-16 17:48:13 |
News |
BBC News - Home |
'You don't need a willy to write' - Julie Welch, Fleet Street's first female football reporter |
https://www.bbc.co.uk/sport/av/football/54571009
|
'You don't need a willy to write' - Julie Welch, Fleet Street's first female football reporter. Fleet Street's first female football reporter Julie Welch tells Football Focus' Caroline de Moraes about the ups and downs of making her way in such a male-dominated industry. |
2020-10-16 17:16:18 |
Business |
Diamond Online - New articles |
Amazon "Prime Day" effect spreads to other retailers - from WSJ |
https://diamond.jp/articles/-/251672
|
spread |
2020-10-17 02:08:00 |
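Hokkaido |
Hokkaido Shimbun |
56 national universities flew mourning or half-mast flags for Nakasone's joint funeral, following education ministry notice |
https://www.hokkaido-np.co.jp/article/471672/
|
Yasuhiro Nakasone |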
2020-10-17 02:22:00 |
Hokkaido |
Hokkaido Shimbun |
JFTC to prevent violations by big tech: interview with Chairman Furuya |
https://www.hokkaido-np.co.jp/article/471671/
|
Japan Fair Trade Commission |
2020-10-17 02:22:00 |
GCP |
Cloud Blog |
Exponential growth in DDoS attack volumes |
https://cloud.google.com/blog/products/identity-security/identifying-and-protecting-against-the-largest-ddos-attacks/
|
Exponential growth in DDoS attack volumes

Security threats such as distributed denial-of-service (DDoS) attacks disrupt businesses of all sizes, leading to outages and, worse, loss of user trust. These threats are a big reason why at Google we put a premium on service reliability that's built on the foundation of a rugged network. To help ensure reliability, we've devised some innovative ways to defend against advanced attacks. In this post, we'll take a deep dive into DDoS threats, showing the trends we're seeing and describing how we prepare for multi-terabit attacks, so your sites stay up and running.

Taxonomy of attacker capabilities

With a DDoS attack, an adversary hopes to disrupt their victim's service with a flood of useless traffic. While this attack doesn't expose user data and doesn't lead to a compromise, it can result in an outage and loss of user trust if not quickly mitigated. Attackers are constantly developing new techniques to disrupt systems. They give their attacks fanciful names, like Smurf, Tsunami, XMAS tree, HULK, Slowloris, cache bust, TCP amplification, javascript injection, and a dozen variants of reflected attacks. Meanwhile, the defender must consider every possible target of a DDoS attack, from the network layer (routers, switches, and link capacity) to the application layer (web, DNS, and mail servers). Some attacks may not even focus on a specific target, but instead attack every IP in a network. Multiplying the dozens of attack types by the diversity of infrastructure that must be defended leads to endless possibilities. So, how can we simplify the problem to make it manageable? Rather than focus on attack methods, Google groups volumetric attacks into a handful of key metrics:

bps (network bits per second) → attacks targeting network links
pps (network packets per second) → attacks targeting network equipment or DNS servers
rps (HTTP(S) requests per second) → attacks targeting application servers

This way, we can focus our efforts on ensuring each system has sufficient capacity to withstand attacks, as measured by the relevant metrics.

Trends in DDoS attack volumes

Our next task is to determine the capacity needed to withstand the largest DDoS attacks for each key metric. Getting this right is a necessary step for efficiently operating a reliable network: overprovisioning wastes costly resources, while underprovisioning can result in an outage. To do this, we analyzed hundreds of significant attacks we received across the listed metrics, and included credible reports shared by others. We then plot the largest attacks seen over the past decade to identify trends. (Several years of data prior to this period informed our decision of what to use for the first data point of each metric.) The exponential growth across all metrics is apparent, often generating alarmist headlines as attack volumes grow. But we need to factor in the exponential growth of the internet itself, which provides bandwidth and compute to defenders as well. After accounting for the expected growth, the results are less concerning, though still problematic.

Architecting defendable infrastructure

Given the data and observed trends, we can now extrapolate to determine the spare capacity needed to absorb the largest attacks likely to occur.

bps (network bits per second): Our infrastructure absorbed a Tbps DDoS in September, the culmination of a six-month campaign that utilized multiple methods of attack. Despite simultaneously targeting thousands of our IPs, presumably in hopes of slipping past automated defenses, the attack had no impact. The attacker used several networks to spoof Mpps (millions of packets per second) to exposed CLDAP, DNS, and SMTP servers, which would then send large responses to us. This demonstrates the volumes a well-resourced attacker can achieve: This was four times larger than the record-breaking Gbps attack from the Mirai botnet a year earlier. It remains the highest-bandwidth attack reported to date, leading to reduced confidence in the extrapolation.

pps (network packets per second): We've observed a consistent growth trend, with a Mpps attack generated by an IoT botnet this year. A notable outlier was a attack on a customer VM, in which an IoT botnet ramped up to Mpps in seconds, a volume so large we initially thought it was a monitoring glitch.

rps (HTTP(S) requests per second): In March, malicious javascript injected into thousands of websites via a network man-in-the-middle attack caused hundreds of thousands of browsers to flood YouTube with requests, peaking at Mrps (millions of requests per second). That was the largest attack known to us until recently, when a Google Cloud customer was attacked with Mrps. The slow growth is unlike the other metrics, suggesting we may be under-estimating the volume of future attacks.

While we can estimate the expected size of future attacks, we need to be prepared for the unexpected, and thus we over-provision our defenses accordingly. Additionally, we design our systems to degrade gracefully in the event of overload, and write playbooks to guide a manual response if needed. For example, our layered defense strategy allows us to block high-rps and high-pps attacks in the network layer before they reach the application servers. Graceful degradation applies at the network layer, too: Extensive peering and network ACLs designed to throttle attack traffic will mitigate potential collateral damage in the unlikely event links become saturated. For more detail on the layered approach we use to mitigate record-breaking DDoS attacks targeting our services, infrastructure, or customers, see Chapter of our book, Building Secure and Reliable Systems.

Cloud-based defenses

We recognize the scale of potential DDoS attacks can be daunting. Fortunately, by deploying Google Cloud Armor integrated into our Cloud Load Balancing service, which can scale to absorb massive DDoS attacks, you can protect services deployed in Google Cloud, other clouds, or on-premise from attacks. We recently announced Cloud Armor Managed Protection, which enables users to further simplify their deployments, manage costs, and reduce overall DDoS and application security risk. Having sufficient capacity to absorb the largest attacks is just one part of a comprehensive DDoS mitigation strategy. In addition to providing scalability, our load balancer terminates network connections on our global edge, only sending well-formed requests on to backend infrastructure. As a result, it can automatically filter many types of volumetric attacks. For example, UDP amplification attacks, synfloods, and some application-layer attacks will be silently dropped. The next line of defense is the Cloud Armor WAF, which provides built-in rules for common attacks, plus the ability to deploy custom rules to drop abusive application-layer requests using a broad set of HTTP semantics.

Working together for collective security

Google works with others in the internet community to identify and dismantle infrastructure used to conduct attacks. As a specific example, even though the Tbps attack in didn't cause any impact, we reported thousands of vulnerable servers to their network providers, and also worked with network providers to trace the source of the spoofed packets so they could be filtered. We encourage everyone to join us in this effort. Individual users should ensure their computers and IoT devices are patched and secured. Businesses should report criminal activity, ask their network providers to trace the sources of spoofed attack traffic, and share information on attacks with the internet community in a way that doesn't provide timely feedback to the adversary. By working together, we can reduce the impact of DDoS attacks. |
2020-10-16 17:30:00 |