Akamai, who provide transparent mirroring of web content for high-traffic websites, see a large sample of Internet traffic. They have started to report on some of the trends they see in their traffic patterns (while some not so subtle points about how good they are). Their first report covers Q1 2008 (January – March). The report is available from http://www.akamai.com/stateoftheinternet/ (registration required). Here are some of the security-related things that I found interesting
- Approximately 2% of all inter-domain Internet traffic was DDoS traffic (does not include spam, phishing, scans or other malicious traffic).
- The “Anonymous” DDoS attack on the Church of Scientology website generated 220 Mbps of attack traffic at peak. This was a comparatively small attack, but received attention in the mainstream media.
- In January, an automated SQL injection attack compromised 70 000 sites including .edu, .gov, and several websites belonging to Fortune 500 companies. 11, 12
- Drive-by install (2 examples).