As artificial intelligence (AI) establishes itself as one of the pillars of digital transformation, cyber threats are causing growing concern among experts in the field. For example, cyberattacks involving Distributed Denial of Service (DDoS) can be major obstacles to the protection of AI systems.
Companies that lead this sector face not only the pressure of staying competitive in the global market, but also the need to protect themselves against strategically orchestrated attacks. Some of the most common DDoS methods include NTP reflection and Memcached amplification, as well as other, more specific types of attack.
According to NSFOCUS's global threat hunting system, the Chinese AI DeepSeek has been the target of a series of DDoS attacks, which ranged in duration from minutes to hours.
The analysis suggests that the criminals responsible for attacking the AI's interface acted in a completely organized and professional way, which points to a well-planned action and not a simple incident.
“The fact that the invaders choose to attack strategic points just when it achieved impressive results and attracted global attention raises important issues. This incident not only exposes safety risks in the international cyberspace, but also reflects the technological competition and geopolitical challenges that Chinese companies can face in the process of globalization,” NSFOCUS describes.
What is DDoS?
DDoS attacks exploit standard internet protocols, such as HTTP, TCP and DNS, to overload servers and networks with an excessive volume of traffic.
Depending on the strategy used, criminals can generate millions of simultaneous requests through bots, exploit flaws in communication protocols, or use techniques that increase the intensity of the attack.
When a DDoS attack is successful, legitimate users may face difficulties in accessing the service, whether through extreme slowness, intermittent failures or total unavailability. For example, if an attack hits a social network, users may have trouble loading the site or using its features during the attack.
A DDoS offensive may have different motivations, from attacks on governments to attacks on companies; in the latter case, the motivation is often financial extortion.
After choosing the target, criminals create, rent or take control of a botnet, a network of infected, remotely controlled devices. These devices, often compromised by malware without the knowledge of their owners, are used to generate a high volume of simultaneous requests, which overloads the service.
There are different types of DDoS attacks. Some generate a high volume of traffic through botnets, overloading the target infrastructure. Others do not depend on a large number of requests, but exploit vulnerabilities and consume critical system resources, which leaves the network unstable.
DDoS and AI
DDoS attacks do not directly affect the AI systems themselves, but the infrastructure that keeps them in operation, such as servers, chatbots and API interfaces. By overloading these components, the attack may prevent or degrade the operation of the AI.
In the attack on DeepSeek, criminals reportedly relied mainly on reflection methods, including NTP, Memcached, SSDP and CLDAP, among others. These attacks affected several servers distributed around the world.
Get to know some of the DDoS attack techniques that can affect AIs:
- NTP attack: An NTP reflection attack occurs when a criminal exploits vulnerabilities in the Network Time Protocol (NTP), sending fake requests to improperly configured NTP servers.
- Memcached attack: A Memcached attack occurs when an attacker exploits poorly configured Memcached servers to generate massive traffic against a target. The criminal sends small fake requests to these servers, which reflect a larger volume of traffic and overload the victim's infrastructure.
- SSDP attack: In an SSDP reflection attack, the Universal Plug and Play (UPnP) protocol is used to amplify traffic. After the fake request is sent, the servers respond with larger packets redirected to the targeted system.
- CLDAP attack: The CLDAP reflection technique exploits the Connectionless Lightweight Directory Access Protocol (CLDAP) to generate an attack. After fake requests are sent, the servers send much larger packets to the target, increasing traffic and congesting the network.
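
A defender's view of the four reflection techniques listed above, as an added example that is not part of the original article: reflected replies reach the victim over UDP from the reflector's well-known service port, so grouping inbound flows by that source port and by destination exposes the pattern. The flow-record layout, the thresholds and every address below are assumptions constructed for illustration.

```python
from collections import defaultdict

# Well-known UDP service ports of the four reflector types named in the article.
REFLECTOR_PORTS = {123: "NTP", 11211: "Memcached", 1900: "SSDP", 389: "CLDAP"}

VICTIM = "203.0.113.10"  # constructed address (RFC 5737 documentation range)

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, proto, bytes)
SAMPLE_FLOWS = (
    # 40 NTP servers each sending a large reply the victim never requested
    [(f"198.51.100.{i}", 123, VICTIM, 44321, "udp", 4680) for i in range(1, 41)]
    # 5 Memcached servers sending very large replies
    + [(f"192.0.2.{i}", 11211, VICTIM, 51000, "udp", 60000) for i in range(1, 6)]
    # one ordinary NTP time-sync reply to a different host
    + [("192.0.2.200", 123, "203.0.113.20", 123, "udp", 76)]
    # normal HTTPS traffic to the victim
    + [("198.51.100.250", 443, VICTIM, 50222, "tcp", 9000)]
)


def reflection_summary(flows, min_bytes=100_000, min_sources=5):
    """Return (dst_ip, protocol, distinct_sources, total_bytes) per suspected
    reflection flood, largest first. Thresholds are illustrative assumptions
    and would be tuned against a baseline of normal traffic."""
    stats = defaultdict(lambda: {"bytes": 0, "sources": set()})
    for src_ip, src_port, dst_ip, _dst_port, proto, nbytes in flows:
        # Reflected traffic is UDP *from* the service port, not to it.
        if proto != "udp" or src_port not in REFLECTOR_PORTS:
            continue
        entry = stats[(dst_ip, REFLECTOR_PORTS[src_port])]
        entry["bytes"] += nbytes
        entry["sources"].add(src_ip)

    alerts = [
        (dst, name, len(s["sources"]), s["bytes"])
        for (dst, name), s in stats.items()
        # Many distinct reflectors plus high volume separates a flood from
        # a single legitimate reply such as a time-sync response.
        if s["bytes"] >= min_bytes and len(s["sources"]) >= min_sources
    ]
    return sorted(alerts, key=lambda a: a[3], reverse=True)


if __name__ == "__main__":
    for dst, name, sources, total in reflection_summary(SAMPLE_FLOWS):
        print(f"{dst}: {name} reflection suspected, {sources} sources, {total} bytes")
```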