Io.net 針對 SQL 注入攻擊快速採取行動，保障 GPU 網路安全

為了應對針對 GPU 元資料的 SQL 注入攻擊，Io.net 的首席安全官 Husky.io 宣布加強安全措施，並計劃進行網路廣播演示即時系統恢復。儘管遭到攻擊，GPU 硬體仍然安全，網路完整性也保留。

Io.net's Swift Response to SQL Injection Attack Ensures GPU Network Integrity

Io.net 對 SQL 注入攻擊的快速回應確保 GPU 網路完整性

In a major cybersecurity incident that tested the resilience of its decentralized physical infrastructure network (DePIN), Io.net swiftly implemented robust security measures to mitigate the impact of a SQL injection attack that compromised GPU metadata.

在一次測試其去中心化實體基礎設施網路 (DePIN) 彈性的重大網路安全事件中，Io.net 迅速實施了強大的安全措施，以減輕 SQL 注入攻擊損害 GPU 元資料的影響。

Rapid Response and System Recovery

快速響應和系統恢復

Upon detecting the attack at 1:05 a.m. PST on April 25, Io.net's Chief Security Officer, Husky.io, immediately initiated corrective actions to strengthen security and safeguard the network. The quick response prevented the malicious actors from compromising the actual GPU hardware, ensuring the integrity of Io.net's extensive network.

太平洋標準時間 4 月 25 日凌晨 1:05 偵測到攻擊後，Io.net 首席安全長 Husky.io 立即啟動糾正措施，以加強安全並保護網路。快速回應阻止了惡意行為者損害實際 GPU 硬件，確保了 Io.net 廣泛網絡的完整性。

Strengthened Security Measures

加強安全措施

To enhance security, Io.net implemented several measures, including:

為了增強安全性，Io.net 實施了多項措施，包括：

• Added SQL injection checks to APIs
• Improved monitoring of unauthorized attempts
• Deployed a user-specific authentication solution based on Auth0 and OKTA to address vulnerabilities in universal authorization tokens

Mitigation of Impact

向 API 添加了 SQL 注入檢查改進了對未經授權嘗試的監控部署了基於 Auth0 和 OKTA 的特定於使用者的身份驗證解決方案，以解決通用授權令牌中的漏洞減輕影響

While the security updates coincided with a snapshot of the rewards program, resulting in a temporary dip in supply-side participation, Io.net proactively launched Ignition Rewards Season 2 in May to address these challenges. Ongoing efforts include working with vendors to upgrade, restart, and reconnect equipment to the network.

雖然安全更新與獎勵計劃的快照同時發生，導致供應方參與度暫時下降，但 Io.net 在 5 月主動推出了 Ignition 獎勵第 2 季來應對這些挑戰。持續的努力包括與供應商合作升級、重新啟動設備並將其重新連接到網路。

Exposure of API Vulnerabilities

API漏洞曝光

The attack highlighted vulnerabilities in Io.net's API, prompting intensive countermeasures. The attackers exploited a flaw in an API used to display items in the input/output explorer, inadvertently revealing user IDs when searching for device IDs. This exposed information was gathered into a database weeks before the incident.

這次攻擊凸顯了 Io.net API 中的漏洞，促使人們採取密集的對策。攻擊者利用了用於在輸入/輸出資源管理器中顯示項目的 API 中的缺陷，在搜尋裝置 ID 時無意中洩露了使用者 ID。這些暴露的資訊在事件發生前幾週被收集到資料庫中。

Prevention and Detection

預防與檢測

Husky.io emphasized the critical importance of ongoing detailed assessments and penetration tests on public endpoints to identify and neutralize attacks early on. Io.net is committed to continuous security enhancements to safeguard its network and ensure the reliability of its services.

Husky.io 強調了對公共端點進行持續詳細評估和滲透測試以儘早識別和消除攻擊的至關重要性。 Io.net 致力於持續增強安全性，以保護其網路並確保其服務的可靠性。

Continued Supply-Side Engagement

供應方持續參與

Despite the incident, Io.net remains focused on fostering supply-side engagement and restoring network connections. The platform continues to service tens of thousands of compute hours monthly, providing critical computing resources for a wide range of applications.

儘管發生了這一事件，Io.net 仍然專注於促進供應方參與和恢復網路連接。該平台每月繼續為數萬個運算小時提供服務，為廣泛的應用程式提供關鍵的運算資源。

Planned Webcast for Live System Recovery

規劃即時系統復原的網路廣播

To further demonstrate its commitment to transparency and network resilience, Io.net has announced a planned webcast where experts will showcase live system recovery processes. This event will provide valuable insights into the company's security protocols and disaster recovery procedures.

為了進一步展示其對透明度和網路彈性的承諾，Io.net 宣布計劃進行網路廣播，專家將展示即時系統復原流程。此次活動將為公司的安全協議和災難復原程序提供寶貴的見解。

Conclusion

結論

Io.net's swift response to the SQL injection attack serves as a testament to the company's commitment to protecting its network and preserving the integrity of its platform. Through rigorous security measures, ongoing security assessments, and proactive vendor collaboration, Io.net continues to provide a robust and secure infrastructure for its diverse customer base.

Io.net 對 SQL 注入攻擊的快速反應證明了該公司致力於保護其網路和維護其平台完整性的承諾。透過嚴格的安全措施、持續的安全評估和積極的供應商協作，Io.net 繼續為其多元化的客戶群提供強大且安全的基礎設施。