By Ryan Singel
April 02, 2008
One out of every 50 packets on the internet is malicious junk intended
simply to clog the tubes, according to a high level traffic analysis by
Distributed Denial of Service attacks or DDoSes aim to bring a site down
by bombarding it with fake requests for a web page or image. It's like
having 1,000 people continually crank calling a company -- the real
customers can't get through.
Arbor now says those attacks account for about two percent of internet
traffic, with peaks of up to five percent.
Some DDoSes are spurred by online grudges, such as the ones that
occasionally target the anti-phishing site CastleCops or the large one
launched against Estonian targets by Russian nationalists last year.
Others are launched by cyber-criminals as part of an extortion attempt
against an online retailer.
The attacks can be very effective, especially when launched using a
zombie army of compromised computers known as a bot-net. But networking
experts have learned some very effective ways to mitigate attacks by
finding ways to filter out good traffic from the bad.
Arbor says its sensing network seeing some 1300 Denial of Service
attacks a day. That network has been collecting traffic data for the
last 18 months, and now is regularly getting data on almost 1.5 Tbps, a
significant slice of internet traffic.
By contrast, email composes around 1-1.5 percent of internet traffic.
So, while two percent surely is an intriguing number and points to a
genuine net security concern, it's hard to see cybarmageddon! on the
Some think that a really big DDoS, perhaps launched by the Chinese
military, will devastate the country in an electronic Pearl Harbor.
Threat Level remains highly doubtful.
But some people with power say the craziest things.
Subscribe to InfoSec News