Somewhere between 1 percent and 3 percent of all traffic on the Internet is meaningless packets of information, used in distributed denial of service attacks (DDOS) to knock Web sites offline Somewhere between 1 percent and 3 percent of all traffic on the Internet is meaningless packets of information, used in distributed denial of service attacks (DDOS) to knock Web sites offline.Those are the findings of Arbor Networks, a network traffic analysis company that recently looked at traffic flowing between more than 68 Internet service providers to see how much of it was malicious.“The thing that’s surprising is it’s consistently 1 to 3 percent,” said Danny McPherson, Arbor’s chief research officer. “It’s pretty significant.” To purchase the bandwidth that Arbor tracked in these DDOS attacks, a legitimate user would have to pay hundreds of thousands of dollars per month, McPherson said. That’s not a problem for criminals, however, who use the network connections of their victims to attack others.DDOS attacks try to overwhelm the victim’s servers with routine Internet messages. Attackers try to send so many packets that the victim’s computers are unable to do their regular job — serving Web pages or sending e-mail, for example. They have become a common occurrence in recent years and have spawned a cottage industry of companies that try to mitigate their effects. Studying the data from about 1,300 routers over 18 months, Arbor found that the tidal waves of SYN or ICMP (Internet Control Message Protocol) packets used in DDOS attacks rarely dropped below 1 percent of all traffic and could easily rise to 6 percent during peak periods.Arbor’s data show other trends too. Attacks drop off during Christmas and New Year’s, perhaps while the attackers are “hungover or expending their spoils,” McPherson wrote in a blog posting.The most common targets are Internet Relay Chat (IRC) servers, commonly used by hackers and technical types to meet up online and chat with each other.With spam now making up almost all e-mail traffic, there’s a considerable amount of junk clogging the Internet’s pipes.McPherson guessed that as much as 10 percent of the Internet’s traffic could be “raw sewage.” Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe