By attacking the websites of the largest names in finance and e-commerce – Visa, Mastercard, PayPal, Amazon – last week’s actions by the vigilante “group” called Anonymous have thrust DDOS attacks into the spotlight. Although some are pegging this as a new form of political activism, denial of service attacks are neither a recent development, nor a particularly rare occurrence. They’re not all political either, although those do seem to be the ones we hear about.
According to a recent survey by security providers Arbor Networks, IP network operators see DDoS attacks as the number one security threat, beating out botnets, identity theft, worms, and other forms of infrastructure compromise. And along with good ol’ spam, DDoS attacks were what participants in the survey reported spending the most resources to combat.
In fact, almost every network admin working on a large site reported at least one DDoS attack a month; some reported dozens. And over 60% said they’d experienced DDoS attacks larger than 1 Gbps. So not only are DDoS attacks quite frequent, finds the Arbor Network survey, they’re becoming larger as well. Over the last six years, service providers have reported a near doubling in peak DDoS attack rates year-over-year, increasing from 400 Mbps in 2002 to 40 Gbps in 2008. This year the peak was “only” 49 Gbps, just a 22% growth from last year.
Now to put this in some perspective with recent events, Arbor Networks estimates that the DDoS attacks that took WikiLeaks down on the day the cables were released were around 2-4 Gbps, just slightly above the average DDoS attack. But two days later, another attack on the site clocked in around 10 Gbps.
While it doesn’t list the strength of the recent DDoS attacks, PandaLabs has chronicled the end-results – the down-times for the various websites that have been involved, including Anonymous’.
Although DDoS attacks have made headlines this past week or so, the Arbor Networks report observes that 64% of those who experience incidents fail to report anything to law enforcement. Only 20% of respondents said they thought law enforcement would have the power or the means to respond.
Will the increased awareness about DDoS attacks change that? Or will attackers simply change tactics? Or will the spread of the push-button LOIC tool seemingly favored by Anonymous herald a whole different round of DDoS attacks?