{"id":10481,"date":"2025-07-16T12:36:29","date_gmt":"2025-07-16T05:36:29","guid":{"rendered":"https:\/\/infosec.new88088.net\/?p=10481"},"modified":"2026-02-05T12:36:36","modified_gmt":"2026-02-05T05:36:36","slug":"tan-cong-ddos-cuc-dai-dat-dinh-73-tbps-ha-tang-so-toan-cau-doi-mat-thach-thuc-lon","status":"publish","type":"post","link":"https:\/\/infosec.new88088.net\/2025\/07\/16\/tan-cong-ddos-cuc-dai-dat-dinh-73-tbps-ha-tang-so-toan-cau-doi-mat-thach-thuc-lon\/","title":{"rendered":"T\u1ea5n c\u00f4ng DDoS c\u1ef1c \u0111\u1ea1i \u0111\u1ea1t \u0111\u1ec9nh 7,3 Tbps: H\u1ea1 t\u1ea7ng s\u1ed1 to\u00e0n c\u1ea7u \u0111\u1ed1i m\u1eb7t th\u00e1ch th\u1ee9c l\u1edbn"},"content":{"rendered":"

Trong qu\u00fd II n\u0103m 2025, c\u00e1c h\u1ec7 th\u1ed1ng gi\u00e1m s\u00e1t an ninh m\u1ea1ng ghi nh\u1eadn s\u1ef1 gia t\u0103ng \u0111\u1ed9t bi\u1ebfn c\u1ee7a c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng t\u1eeb ch\u1ed1i d\u1ecbch v\u1ee5 ph\u00e2n t\u00e1n (DDoS) c\u00f3 quy m\u00f4 c\u1ef1c l\u1edbn g\u1ecdi l\u00e0 \u201chyper-volumetric DDoS\u201d v\u1edbi \u0111\u1ec9nh \u0111i\u1ec3m l\u00ean \u0111\u1ebfn 7,3 terabit m\u1ed7i gi\u00e2y (Tbps) v\u00e0 4,8 t\u1ef7 g\u00f3i tin m\u1ed7i gi\u00e2y (Bpps) ch\u1ec9 trong v\u00f2ng 45 g<\/b>i\u00e2y, m\u1ee9c cao nh\u1ea5t t\u1eeb tr\u01b0\u1edbc \u0111\u1ebfn nay.<\/b><\/p>\n

D\u00f9 s\u1ed1 l\u01b0\u1ee3ng t\u1ed5ng th\u1ec3 c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng DDoS \u0111\u00e3 gi\u1ea3m m\u1ea1nh xu\u1ed1ng c\u00f2n 7,3 tri\u1ec7u v\u1ee5 trong qu\u00fd II\/2025 so v\u1edbi 20,5 tri\u1ec7u v\u1ee5 \u1edf qu\u00fd I, nh\u01b0ng c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng si\u00eau quy m\u00f4 hay c\u00f2n g\u1ecdi l\u00e0 \u201chyper-volumetric DDoS\u201d l\u1ea1i gia t\u0103ng \u0111\u1ed9t bi\u1ebfn.<\/p>\n

\n
\"1752652577405.png\"<\/div>\n

\u1ea2nh: The Hacker News<\/i>\u200b<\/div>\n

T\u1ed5ng quan t\u00ecnh h\u00ecnh qu\u00fd II\/2025\u200b<\/h2>\n
\n\n\n\n\n\n\n\n\n\n\n\n
\n
Ch\u1ec9 s\u1ed1\u200b<\/div>\n<\/th>\n
\n
S\u1ed1 li\u1ec7u qu\u00fd I\/2025\u200b<\/div>\n<\/th>\n
\n
S\u1ed1 li\u1ec7u qu\u00fd II\/2025\u200b<\/div>\n<\/th>\n
\n
Ghi ch\u00fa\u200b<\/div>\n<\/th>\n<\/tr>\n
T\u1ed5ng s\u1ed1 v\u1ee5 t\u1ea5n c\u00f4ng DDoS<\/td>\n\n
20,5 tri\u1ec7u\u200b<\/div>\n<\/td>\n
\n
7,3 tri\u1ec7u\u200b<\/div>\n<\/td>\n
Gi\u1ea3m m\u1ea1nh do chi\u1ebfn d\u1ecbch k\u00e9o d\u00e0i 18 ng\u00e0y trong qu\u00fd I<\/td>\n<\/tr>\n
Hyper-volumetric DDoS<\/td>\n\n
Kh\u00f4ng r\u00f5\u200b<\/div>\n<\/td>\n
\n
6.500 v\u1ee5 (trung b\u00ecnh 71 v\u1ee5\/ng\u00e0y)\u200b<\/div>\n<\/td>\n
G\u00e2y \u1ea3nh h\u01b0\u1edfng n\u1eb7ng n\u1ec1 nh\u1ea5t<\/td>\n<\/tr>\n
T\u1ea5n c\u00f4ng DDoS l\u1edbp m\u1ea1ng (L3\/4)<\/td>\n\n
~16,8 tri\u1ec7u\u200b<\/div>\n<\/td>\n
\n
3,2 tri\u1ec7u\u200b<\/div>\n<\/td>\n
Gi\u1ea3m 81% so v\u1edbi qu\u00fd I<\/td>\n<\/tr>\n
T\u1ea5n c\u00f4ng DDoS HTTP (L7)<\/td>\n\n
~3,8 tri\u1ec7u\u200b<\/div>\n<\/td>\n
\n
4,1 tri\u1ec7u\u200b<\/div>\n<\/td>\n
T\u0103ng 9%<\/td>\n<\/tr>\n
DDoS y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c (Ransom DDoS)<\/td>\n\n
-\u200b<\/div>\n<\/td>\n
\n
T\u0103ng 68%\u200b<\/div>\n<\/td>\n
Xu h\u01b0\u1edbng \u0111\u00e1ng lo ng\u1ea1i<\/td>\n<\/tr>\n
T\u1ea5n c\u00f4ng v\u01b0\u1ee3t 100 tri\u1ec7u packets\/gi\u00e2y<\/td>\n\n
-\u200b<\/div>\n<\/td>\n
\n
T\u0103ng 592%\u200b<\/div>\n<\/td>\n
Kh\u1ea3 n\u0103ng g\u00e2y ngh\u1ebdn m\u1ea1ng c\u1ef1c cao<\/td>\n<\/tr>\n
T\u1ea5n c\u00f4ng v\u01b0\u1ee3t 1 Tbps (L3\/4)<\/td>\n\n
-\u200b<\/div>\n<\/td>\n
\n
T\u0103ng 1.150%\u200b<\/div>\n<\/td>\n
5\/10.000 v\u1ee5 \u0111\u1ea1t ng\u01b0\u1ee1ng n\u00e0y<\/td>\n<\/tr>\n
HTTP DDoS v\u01b0\u1ee3t 1 tri\u1ec7u requests\/gi\u00e2y<\/td>\n\n
-\u200b<\/div>\n<\/td>\n
\n
6% t\u1ed5ng s\u1ed1\u200b<\/div>\n<\/td>\n
Cao h\u01a1n nhi\u1ec1u so v\u1edbi n\u0103m tr\u01b0\u1edbc<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n

Chi\u1ebfn thu\u1eadt t\u1ea5n c\u00f4ng ng\u00e0y c\u00e0ng tinh vi\u200b<\/h2>\n

C\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng DDoS hi\u1ec7n nay kh\u00f4ng c\u00f2n ch\u1ec9 \u0111\u01a1n thu\u1ea7n l\u00e0 “flood”: d\u1ed9i l\u01b0u l\u01b0\u1ee3ng l\u1edbn \u0111\u1ec3 l\u00e0m ngh\u1ebdn h\u1ec7 th\u1ed1ng. Thay v\u00e0o \u0111\u00f3, k\u1ebb t\u1ea5n c\u00f4ng \u0111ang s\u1eed d\u1ee5ng chi\u1ebfn thu\u1eadt ph\u1ed1i h\u1ee3p gi\u1eefa:<\/p>\n

    \n
  • C\u00e1c \u0111\u1ee3t t\u1ea5n c\u00f4ng quy m\u00f4 c\u1ef1c l\u1edbn, g\u00e2y \u00e1p l\u1ef1c tr\u1ef1c ti\u1ebfp l\u00ean b\u0103ng th\u00f4ng, m\u00e1y ch\u1ee7 v\u00e0 h\u1ec7 th\u1ed1ng b\u1ea3o v\u1ec7<\/li>\n
  • C\u00e1c \u0111\u1ee3t qu\u00e9t th\u0103m d\u00f2 nh\u1ecf, \u00e2m th\u1ea7m, nh\u1eb1m x\u00e1c \u0111\u1ecbnh l\u1ed7 h\u1ed5ng, \u0111i\u1ec3m y\u1ebfu c\u1ea5u h\u00ecnh ho\u1eb7c khu v\u1ef1c thi\u1ebfu ph\u00f2ng th\u1ee7<\/li>\n<\/ul>\n

    C\u00e1ch ti\u1ebfp c\u1eadn n\u00e0y gi\u00fap l\u00e1ch qua c\u00e1c h\u1ec7 th\u1ed1ng ph\u00f2ng v\u1ec7 truy\u1ec1n th\u1ed1ng v\u1ed1n th\u01b0\u1eddng ch\u1ec9 t\u1eadp trung v\u00e0o vi\u1ec7c ph\u00e1t hi\u1ec7n c\u00e1c h\u00e0nh vi b\u1ea5t th\u01b0\u1eddng r\u00f5 r\u00e0ng ho\u1eb7c c\u00f3 l\u01b0u l\u01b0\u1ee3ng cao.<\/p>\n

    \u0110i\u1ec1u \u0111\u00e1ng lo ng\u1ea1i l\u00e0 nhi\u1ec1u cu\u1ed9c t\u1ea5n c\u00f4ng hi\u1ec7n \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf th\u00f4ng minh \u0111\u1ec3 \u201c\u1ea9n m\u00ecnh\u201d trong l\u01b0u l\u01b0\u1ee3ng h\u1ee3p l\u1ec7, khi\u1ebfn vi\u1ec7c ph\u00e1t hi\u1ec7n tr\u1edf n\u00ean kh\u00f3 kh\u0103n h\u01a1n bao gi\u1edd h\u1ebft. T\u1ee9c l\u00e0 h\u1ec7 th\u1ed1ng c\u00f3 th\u1ec3 \u0111ang b\u1ecb t\u1ea5n c\u00f4ng m\u00e0 kh\u00f4ng h\u1ec1 bi\u1ebft cho \u0111\u1ebfn khi d\u1ecbch v\u1ee5 b\u1eaft \u0111\u1ea7u ch\u1eadp ch\u1eddn ho\u1eb7c gi\u00e1n \u0111o\u1ea1n.<\/p>\n

    C\u00e1c k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng m\u1ea1ng ph\u1ed5 bi\u1ebfn (L\u1edbp 3\/4):<\/b><\/p>\n

      \n
    1. DNS Flood: g\u1eedi m\u1ed9t l\u01b0\u1ee3ng l\u1edbn truy v\u1ea5n DNS \u0111\u1ec3 l\u00e0m ngh\u1ebdn h\u1ec7 th\u1ed1ng ph\u00e2n gi\u1ea3i t\u00ean mi\u1ec1n<\/li>\n
    2. TCP SYN Flood: khai th\u00e1c qu\u00e1 tr\u00ecnh b\u1eaft tay 3 b\u01b0\u1edbc c\u1ee7a TCP \u0111\u1ec3 l\u00e0m c\u1ea1n ki\u1ec7t t\u00e0i nguy\u00ean m\u00e1y ch\u1ee7<\/li>\n
    3. UDP Flood: g\u1eedi l\u01b0u l\u01b0\u1ee3ng kh\u00f4ng x\u00e1c \u0111\u1ecbnh \u0111\u1ebfn c\u00e1c c\u1ed5ng ng\u1eabu nhi\u00ean, g\u00e2y r\u1ed1i lo\u1ea1n v\u00e0 chi\u1ebfm b\u0103ng th\u00f4ng<\/li>\n<\/ol>\n

      Nh\u1eefng m\u1ee5c ti\u00eau ch\u00ednh b\u1ecb nh\u1eafm \u0111\u1ebfn\u200b<\/h2>\n

      C\u00e1c l\u0129nh v\u1ef1c b\u1ecb t\u1ea5n c\u00f4ng nhi\u1ec1u nh\u1ea5t:<\/p>\n

        \n
      1. D\u1ecbch v\u1ee5 vi\u1ec5n th\u00f4ng v\u00e0 nh\u00e0 m\u1ea1ng<\/li>\n
      2. Internet v\u00e0 h\u1ea1 t\u1ea7ng CNTT<\/li>\n
      3. Tr\u00f2 ch\u01a1i tr\u1ef1c tuy\u1ebfn (gaming)<\/li>\n
      4. C\u1edd b\u1ea1c v\u00e0 c\u00e1 c\u01b0\u1ee3c<\/li>\n<\/ol>\n

        C\u00e1c qu\u1ed1c gia b\u1ecb t\u1ea5n c\u00f4ng nhi\u1ec1u nh\u1ea5t (d\u1ef1a tr\u00ean qu\u1ed1c gia thanh to\u00e1n c\u1ee7a kh\u00e1ch h\u00e0ng Cloudflare):<\/p>\n

          \n
        1. Trung Qu\u1ed1c<\/li>\n
        2. Brazil<\/li>\n
        3. \u0110\u1ee9c<\/li>\n
        4. \u1ea4n \u0110\u1ed9<\/li>\n
        5. H\u00e0n Qu\u1ed1c<\/li>\n
        6. Th\u1ed5 Nh\u0129 K\u1ef3<\/li>\n
        7. H\u1ed3ng K\u00f4ng<\/li>\n
        8. Vi\u1ec7t Nam<\/li>\n
        9. Nga<\/li>\n
        10. Azerbaijan<\/li>\n<\/ol>\n

          Vi\u1ec7t Nam hi\u1ec7n n\u1eb1m trong nh\u00f3m 10 qu\u1ed1c gia b\u1ecb t\u1ea5n c\u00f4ng m\u1ea1ng nhi\u1ec1u nh\u1ea5t, cho th\u1ea5y m\u1ee9c \u0111\u1ed9 r\u1ee7i ro an ninh m\u1ea1ng \u0111ang ng\u00e0y c\u00e0ng gia t\u0103ng. Th\u1ef1c t\u1ebf n\u00e0y kh\u00f4ng qu\u00e1 b\u1ea5t ng\u1edd, b\u1edfi trong nhi\u1ec1u n\u0103m qua, c\u00e1c c\u01a1 quan qu\u1ea3n l\u00fd nh\u01b0 B\u1ed9 Th\u00f4ng tin v\u00e0 Truy\u1ec1n th\u00f4ng \u0111\u00e3 nhi\u1ec1u l\u1ea7n c\u1ea3nh b\u00e1o v\u1ec1 t\u00ecnh tr\u1ea1ng thi\u1ebft b\u1ecb IoT trong n\u01b0\u1edbc kh\u00f4ng \u0111\u01b0\u1ee3c b\u1ea3o m\u1eadt \u0111\u00fang m\u1ee9c, ch\u1eb3ng h\u1ea1n nh\u01b0 vi\u1ec7c gi\u1eef nguy\u00ean m\u1eadt kh\u1ea9u m\u1eb7c \u0111\u1ecbnh, kh\u00f4ng c\u1eadp nh\u1eadt ph\u1ea7n m\u1ec1m (firmware) hay m\u1edf c\u00e1c c\u1ed5ng m\u1ea1ng m\u00e0 kh\u00f4ng c\u1ea5u h\u00ecnh b\u1ea3o v\u1ec7. Nh\u1eefng \u0111i\u1ec3m y\u1ebfu n\u00e0y khi\u1ebfn c\u00e1c thi\u1ebft b\u1ecb d\u1ec5 d\u00e0ng tr\u1edf th\u00e0nh m\u1ee5c ti\u00eau b\u1ecb chi\u1ebfm quy\u1ec1n \u0111i\u1ec1u khi\u1ec3n r\u1ed3i tham gia v\u00e0o c\u00e1c m\u1ea1ng botnet th\u1ef1c hi\u1ec7n t\u1ea5n c\u00f4ng DDoS quy m\u00f4 l\u1edbn.<\/p>\n

          B\u00ean c\u1ea1nh \u0111\u00f3, h\u1ea1 t\u1ea7ng s\u1ed1 t\u1ea1i Vi\u1ec7t Nam \u0111ang ph\u00e1t tri\u1ec3n m\u1ea1nh m\u1ebd, \u0111\u1eb7c bi\u1ec7t trong c\u00e1c l\u0129nh v\u1ef1c nh\u01b0 th\u01b0\u01a1ng m\u1ea1i \u0111i\u1ec7n t\u1eed, t\u00e0i ch\u00ednh s\u1ed1 (fintech), gi\u00e1o d\u1ee5c v\u00e0 y t\u1ebf tr\u1ef1c tuy\u1ebfn. \u0110\u00e2y \u0111\u1ec1u l\u00e0 c\u00e1c ng\u00e0nh c\u00f3 m\u1ee9c \u0111\u1ed9 ph\u1ee5 thu\u1ed9c cao v\u00e0o kh\u1ea3 n\u0103ng truy c\u1eadp li\u00ean t\u1ee5c v\u00e0 \u1ed5n \u0111\u1ecbnh c\u1ee7a h\u1ec7 th\u1ed1ng m\u1ea1ng, khi\u1ebfn ch\u00fang tr\u1edf th\u00e0nh m\u1ee5c ti\u00eau h\u1ea5p d\u1eabn cho c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng \u0111\u00f2i ti\u1ec1n chu\u1ed9c<\/p>\n

          C\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng DDoS trong b\u00e1o c\u00e1o \u0111\u01b0\u1ee3c ghi nh\u1eadn l\u00e0 c\u00f3 ngu\u1ed3n g\u1ed1c l\u01b0u l\u01b0\u1ee3ng (traffic source) \u0111\u1ebfn t\u1eeb c\u00e1c qu\u1ed1c gia nh\u01b0:<\/p>\n