1. 6

  2. 2

    The exponential DDoS volume curve must be caused by one or more of these:

    • exponential growth in the general volume of the internet
    • exponential growth in the number of suitable security problems found (and not fixed)
    • exponential growth in the number of hosts that can be attacked/leveraged per security problem
    • exponential growth in the bandwidth that each vulnerable host can contribute to a DDoS
    • a combination of the above such that each is superlinear and the product is an exponential curve

    Have I missed any? No? I’m curious about which it may be.

    If the number of vulnerable hosts is growing exponentially, why? Etc. I’ve never seen any real reports of this. I submitted the story mostly in order to be able to ask about this.

    One of the possible causes seems… almost positive. It seems to me that if the number of security problems found is growing exponentially, then the growth must reverse at some point. That well must dry up. At that point, the volume should decrease.

    1. 4

      Money is the other thing that comes to mind.

      The extortion business model got more sophisticated & better at extracting money. More people got into it. There is a growing user base of practitioners with the capacity to hijack machines.

      I wonder how the fiscal payoff for breaking into hosts is changing. If the per-host value went up over time you’d see more and more people get into it. OTOH if it went down then you might expect to see a small number of people work harder and harder to chase every last host that can be broken into to try to maintain constant revenue in the face of decreasing asset yield? I dunno.

      I think it’s a thing in general that gold rushes show exponential growth.