Case Study: Thwarting 100,000+ Attacks on the G20 Summit, the NSFOCUS Experience
By: Dr. Richard Zhao, SVP of Global Threat Research, NSFOCUS
In September 2016, prominent world leaders representing the top 20 global economies gathered together in Hangzhou, China to kick off the 11th meeting of Group of Twenty (G20). This year marked the first time that the event was hosted in China and as a result, securing the Summit’s cyber assets and associated networks quickly became a top priority. To protect the world’s most visible heads of state from an increasing number of sophisticated hackers, there was a clear choice for the company that could handle the daunting task.
With 16 years as China’s largest security company and continuing a longstanding history of successfully securing major global events such as the 2008 Olympics in Beijing and the World Internet Conference, NSFOCUS was commissioned by China’s Ministry of Public Security to protect the G20’s cyber infrastructure.
The NSFOCUS research team on the ground in China was responsible for protecting 12,729 key G20 applications – including the Summit’s official website and other critical web pages. To combat these threats, NSFOCUS established a Security Operations Center and implemented an Intelligent Hybrid Security approach based on real-time global threat intelligence to provide unified, multi-layer protection capable of withstanding the onslaught of attacks.
Here is a quick look at the various attacks NSFOCUS helped defend and mitigate against over the course of the summit.
- More than two million web attacks – including 133,254 attacks directly targeting the G20 network
- NSFOCUS blocked approximately 169,919 web attacks – including a Trojan malware that was intended to steal credentials.
- 1,984 DDoS attacks targeting the G20 network, protecting against 41.2 TB of malicious traffic, the equivalent of one attempt every two minutes
- 9 million attacks targeting key service providers associated with the Summit
The strength of NFOCUS’ research team and suite of security solutions, including its Threat Intelligence, Web Application Security, Next Generation Intrusion Prevention Systems (NGIPS), Anti-DDoS System (ADSand more, proved vital to thwarting any attempts by hackers to access sensitive information surrounding the G20. NSFOCUS’ real-time coordination with multiple vendors, across challenging environments proves its ability to work with global enterprises of any size to successfully defend critical applications.