Categories
Security

Real-time map of DDoS attacks

Digital Attack Map is a live data visualization of DDoS denial attacks worldwide. A DDoS attack is a planned attack on a computer system or networks that attempt to make the resource inaccessible. It is created through a collaboration between Google Ideas  and  Arbor Networks.

The tool displays anonymous attack traffic data to allow users to explore historical trends. You can also find reports of interruptions occurring on a given day.

ddos

The price of a DDoS attack

DDoS denial-of-service attacks can be purchased on the black market. A 2012 study spoke that the price was $150 for a week-long attack, TrendMicroResearch. More than 2,000 daily attacks can be seen on the Arbor Networks,  ATLAS Threat Report. In addition to 1/3 of all incidents that occur are DDoS,  Verisign/Merril Research attacks.

The attack of the infected army

Attackers build networks of infected computers, known as ‘botnets’, by spreading malware via emails, websites and social networks. Once infected, these machines can be controlled remotely, without the knowledge of their owners, and used as an army to launch an attack on any target. Some botnets have millions of sleeping machines that are activated when you want the criminal.

Botnets can generate large traffic floods to overwhelm a target. These floods can be generated in multiple ways, such as sending more connection requests than a server can handle, or have computers send large amounts of random data to the victim to use the target’s bandwidth. Some attacks are so large that they can maximize a country’s international cable capacity. Selling silence

There are specialized online marketplaces for buying and selling individual botnets or DDoS attacks. By using these clandestine markets, anyone can pay a nominal fee to silence websites they disagree with or disrupt an organization’s online operations. A week-long DDoS attack, capable of disconnecting a small organization, can cost as little as $150.

Exploring the data

The digital attack map shows global DDoS activity on a given day. Attacks are displayed as dotted lines, scaled by size, and placed according to the countries of origin and destination of attack traffic when known. Some features include:

  • Use the histogram at the bottom of the map to explore historical data.
  • Select a country to view DDoS activity to or from that country.
  • Use the color option to view attacks by class, duration, or source/destination port.
  • Use News Feed to find online reports of attack activity at a specific time.
  • View the gallery to explore some examples of days with notable DDoS attacks.

Types of DDoS attacks

DDoS attacks come in many different forms, from smurf  attacks  to DoS  and death pings. Below are details about the types of attacks and amplification methods found on the map.

  • TCP connection attacks– Occupancy connections. They attempt to use all available connections to infrastructure devices, such as load balancers, firewalls, and application servers. Even devices capable of maintaining the state of millions of connections can be eliminated by these attacks.
  • Volumetric attacks: bandwidth usage. These attempt to consume bandwidth within the target network/service, or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.
  • Fragmentation attacks –Pieces of packets. These send an avalanche of TCP or UDP fragments to the victim, which exceeds the victim’s ability to reassemble flows and significantly reduce performance.
  • Application attacks– Targeted applications. These attempt to overwhelm a specific aspect of an application or service and can be effective even with very few attacking machines that generate a low rate of traffic (making it difficult to detect and mitigate).

You can check the map at the this link.

One reply on “Real-time map of DDoS attacks”

Leave a Reply