Put IT in High Gear – Engage!

Filthy Tubes

April 4th, 2008 by engage

The Internet is a messy place, and anyone who spends much time on it is aware of that. But some analysis by Arbor Networks, an IT security firm, seems to suggest things are even dirtier than we might have expected. Arbor analyzed traffic statistics supplied by a group of 68 ISPs over the past year and a half, coming to the conclusion that 2% of all Internet traffic is the “raw sewage” of purely malicious Distributed Denial of Service (DDoS) attacks.

DDoS attacks are brute-force assaults meant to take out critical website servers by flooding them with data requests until they crash under the load. The hackers behind these kinds of attacks utilize massive bot-nets (scores of computers infected with viruses that allow hackers to control them remotely and without their owners’ knowledge) to pound at a single target until it buckles.

2% may not seem like a lot, but just for comparison, Arbor also found that email only took up 1 – 1.5% of Internet traffic during the same period analyzed. And to put the numbers in other terms, Arbor is seeing around 1300 DDoS attacks a day on average, and has seen nearly a million since they began collecting data.

Arbor is still collecting data, and plans to release more detailed findings as they discover more. The information about who’s usually targeted by DDoS attacks will be especially useful, but already it’s clear that the DDoS attack is a security concern that companies can’t overlook. Historically hackers have targeted high-profile sites or organizations: the Estonian government, firms involved with e-commerce credit card processing, the Church of Scientology. However, recently they’ve also been going after smaller businesses, targeting and extorting gambling sites and companies that make anti-spam software.

It’s likely that in the future the crowd of victims will grow larger. As a senior security researcher at Arbor Networks recently explained to USA Today, getting hold of the bot-net necessary to pull off a DDoS attack is surprisingly easy. Renting out a bot-net is simply a matter of searching on Google and then throwing down about $1000 to $2000 a day. This puts a DDoS attack within the range of anybody with some technical know-how and an axe to grind.

The real bad news about all this is that it’s quite difficult to protect yourself from these kinds of attacks. A number of firms have popped up selling software meant to help, and many hosting companies have started taking their own precautions. But bragging about what you can do to stop DDoS attacks is a sure way to find yourself under fire. The best thing to do is take the basic security precautions and keep a close eye on your network traffic. That should help in all but the most serious of DDoS attack situations.

For a more technical overview of DDoS attacks and what you can do to safeguard against them, check out this article on eSecurity.com. It’s a couple of years old, but it gives a nice walk through the various DDoS attack types and talks about some of the basic precautions you can take. You may also want to check out the resources available from sans.org, including perhaps enrolling in some of their online courses and/or in-person classes. I’ve attended them in the past and they are an excellent source of relevant, unbiased information for any organization wanting an introduction to or in-depth capability supporting best security practices.
