A Live Map of Ongoing DDoS Attacks

Daniel_Stuckey writes "Check out the Digital Attack Map. It was produced in a collaborative effort by Google Ideas and Arbor Networks to raise awareness about distributed denial of service attacks. You know, those malicious digital attempts to choke, or shutdown websites by sending them volumes of traffic far too large for them to handle. The map 'surfaces anonymous attack traffic data to let users explore historic trends and find reports of outages happening on a given day,' as its about page explains. Created using attack data from Arbor's 'ATLAS® global threat intelligence system,' this is the D.A.R.E. of DDoS — it's about the danger of having information streams cut off. Under the heading 'DDoS Attacks Matter,' Google and Arbor explain that 'sites covering elections are brought down to influence their outcome, media sites are attacked to censor stories, and businesses are taken offline by competitors looking for a leg up.'" This comes alongside Google's announcement of Project Shield, the company's homegrown DDoS mitigation service.

Slashdot Effect

[Anonymous Coward]

Where is Slashdot on this map?

Slashdotted

[vettemph]

The site is currently being slashdotted. :)

Re:

[Freshly Exhumed]

It loaded perfectly just now. Anyway, it is kind of hypnotic after a few minutes... can't... shut... it... offfffff.......

The irony

[nxcho]

This interactive map of denial of service attacks seems to deny it's own interactivity by freezing my browser every time I try to interact with it.

Re:

[fatphil]

After staring at "loading attack data" for 10 seconds, I decided it was denying my service, and gave it the Ctrl-W.

Re:

[X0563511]

I think it's HTML5, so no - probably not.

Re:

[Kozar_The_Malignant]

Please repost these comments to the IE 11 story/flamewar.

Re:

[tibman]

FF and Chrome auto-update now. If you are on IE 8 or 9 you may experience some problems. http://caniuse.com/#agents=desktop&cats=HTML5&statuses=wd [caniuse.com] SVG appears to be supported in IE 9 so if you are XP and stuck with IE 8 you'll have to use a different browser. I didn't look at all the tags but SVG stood out. IE should not be tied with the OS, you should be able to update it independent of the OS version : /

why hasn't the IETF solved the DDoS problem yet?

[Darth Technoid]

surely, there's a protocol-level solution to this.

Re:why hasn't the IETF solved the DDoS problem yet

[Qzukk]

There's an ISP level solution to a major chunk of it, but they're too busy cracking down on bittorrent and competing voip/video services to do anything about it.

A lot of DDoS traffic has spoofed source IPs in order to make it difficult to track down the source. All the ISP has to do is prevent packets from leaving their network if they aren't addressed from their network, and at least what's left can be traced back to the source. For instance, this would eliminate using DNS servers as reflectors for attacks, since these attacks rely on sending a DNS request with the From address forged to be the victim's from address.

Re:

[Ardyvee]

Man, that seems like a sensible thing to do. It's not good, suggesting sensible things. Why don't you please come by to our brain-washi-- I mean, educational center? You clearly need it.

Re:

[gl4ss]

most attacks on the map are "source unknown" type, which I assume means spoofed ip's.

Re:

[Nemyst]

Correction: many or most high profile cases. For every big DDoS we hear about on /., there are thousands if not tens of thousands that go unnoticed by the majority, done by some script kiddie who thought he'd have some fun with his tiny botnet or by some crazies in a Middle Eastern or slavic country who decided to deface your site and claim it as theirs. Those attacks very often rely on amplification and spoofing to do any damage.

The DARE of DDoS

[xepel]

I certainly hope this isn't like DARE, or else it'll encourage an entire generation of kids to experiment with DDoS...

Re:

[billstewart]

If it's a for-profit propaganda organization masquerading as a non-profit education, then it's a lot like the original....

Re:

[Chrisq]

Seems quite a few countries are taking shots at china, but they're too focused on the United States to care.

It amazes me the obvious number of attacks on China from the USA. What I find interesting is why nothing in Russia given the known hacks by Russian cyber-criminals? maybe they are so good that they all show as "unknown".

Re:

[geminidomino]

It's not showing hacks, it's showing DDoS. And what you're looking at is actually US attacks on China -- it's not obvious from the map, and the animation is misleading. View the "Table" view to see that there are no "known" attacks from CN to US.

Sources

[gmuslera]

The sources of the attacks is not so much where the person launching the attack lives, but computers that takes part in a botnet/have a trojan/visit special pages, or hacked sites (usually with the owner of those computers/sites having no clue of that happening). It could give new information on DDoSed targets, but for sources could have too much noise to be useful.

Bigger problems

[Anonymous Coward]

it's about the danger of having information streams cut off. Under the heading 'DDoS Attacks Matter,' Google and Arbor explain that 'sites covering elections are brought down to influence their outcome...

If you can influence the outcome of an election by shuttering sites that merely cover the election, then you have way bigger problems than DDoS.

Project SHIELD...

[mythosaz]

Agent Ward: It means somebody really wanted our initials to spell "shield"

Google's Shield is an interesting dare to the malcontents of the internets... Resistant to attack, you say?

Borg ass BS

[SpaceManFlip]

You must be assimilated

You must comply

Exterminate

Re:

[tibman]

Fact is, every person who isn't immunized, and every person who isn't educated, and every computer that isn't up-to-date, patched, and secured.. is a liability to us all.
I'd say most of the time they are a liability to themselves and merely a nuisance to others who have to support them.

Poor Canada

[gsgriffin]

is once again overshadowed by the U.S. of A. I think I can see a little line dropping into Canada. There is still hope that more people will care enough to attack you, too.

Easy fixes

[Charliemopps]

Most of these attacks sources are either
a. Idiots with DSL that click yes to everything
b. Businesses that have no IT staff and let their nephew setup their network.

The traffic is easily detectable and easily shut off by locking their account. ISPs don't want to do that because in most cases the target is not a paying customer and the person whos computer is compromised is. Why would they potentially tick off a paying customer before the target complains? Moreover why would they invest time, energy and equip

Re:

[Anonymous Coward]

Fine the CxOs and investors directly for malfeasance.

if packets are like love...

[Gravis Zero]

... then the US has a whole lot of secret admirers.

Oh my God!

[aaaaaaargh!]

According to my version of the live map, there is a mid-sized attack from the US to China and at the same time a gigantic attack on the US from outer space!!!

Not great

[whitroth]

I'm on CentOS, so I'm running FF ESR 17.0.9. It displays the map, after I tell noscipt to do so. However... trying to see any given stream's info, putting the cursor over it, is a complete waste: it flashes, then vanishes. I move it upwards, and I can read part of it, but not the rest before it goes away. In effect, you can't read the captions on what you're seeing.

I'd give it somewhere between a D+ and a C-., with D for useability.

              mark