September 12, 2006
"Large scale denial-of-service attacks, growing in size and increasing in frequency, are the biggest threats to Internet service providers, a security company said Tuesday. ISPs are spending more to defend against massive denial-of-service (DoS) attacks than they are protecting themselves against highly-publicized worm attacks, Lexington, Mass.-based Arbor Networks reported in its annual survey of major providers. According to the Arbor poll of 55 ISPs in North America, Europe, and Asia, multi-gigabit, supra-backbone DoS attacks are on the upswing. Providers, said Arbor, regularly report attacks beyond the capacity of core backbone sections of the Internet in the 10-20Gbps range
. "This is driven by the proliferation of broadband Internet connectivity globally," the survey's report said. The bulk of these DoS attacks originate with botnets
, collections of compromised computers that criminals have acquired by infecting them with Trojan horses through other means, such as e-mail, spyware, or malicious Web sites... Other findings in the report ranged from a pessimistic view of zombies -- "despite the best efforts of firewall, IDS, and OS vendors, there is no end in sight to the rise of millions of compromised systems available to participate in DoS," said the report -- to an admission that an ISP's cure for a DoS may be as bad as the attack itself. Most providers, for example, handle a DoS by filtering out all traffic to the victim. While that protects ISPs backbones from collapse, the tactic also blocks legitimate traffic to the victim domain..."