By Andy Sullivan
Internet "zombie" attacks that attempt to knock computer systems offline are more likely to come from users of America Online than any other source, according to a report released by a security company on Tuesday.
AOL and other large Internet service providers serve as launching pads for most "denial of service" attacks, according to Prolexic Technologies, which helps companies fend off such attacks.
Other top sources of such attacks include T-Mobile's German-based service; Wanadoo, a French Internet provider; and Comcast Corp.
Prolexic chief technology officer Barrett Lyon said the report could indicate that some Internet providers don't protect their customers as much as companies like EarthLink Inc. that don't show up on the list.
"Their clients may be exposed differently or they may be doing a poor job of filtering certain things from their clients," Lyon said in an interview, referring to AOL and the other providers named in the report.
But such figures only show that AOL has a much larger user base than other Internet providers who account for nearly as many attacks, spokesman Andrew Weinstein said.
"This survey is a huge victory for our members. If they're three to four times less likely to be compromised than their peers that's not a bad thing," Weinstein said.
AOL provides antivirus, anti-spyware and firewall services for its members, and those who are compromised probably haven't updated their software recently, he said.
Denial-of-service attacks harness thousands of computers in a coordinated effort to knock Web sites or other computer systems offline through an unrelenting data blitz.
Early DDoS attacks targeted the U.S. government or high-profile online vendors like eBay. Over the past year, criminals have used DDoS attacks to extort payments from online gambling operations, banks and other businesses, or to attack competitors.
Cybercriminals use worms or viruses to secretly hijack unprotected computers to use in such attacks. Zombie networks also are used by spammers to cover their tracks.
DDoS attacks are increasing in frequency from one or two a month to one or two a week as attackers constantly try different methods to take down their targets, Lyon said.
The U.S. Federal Trade Commission last month asked Internet providers to disconnect their customers' computers if they find they have been compromised. Law enforcers in 25 other countries are also taking efforts to shut down such "zombie" networks.
Though U.S.-based computers were responsible for the largest portion of DDoS traffic at 18 percent, countries like Hong Kong, Germany, Malaysia and the United Kingdom had higher percentages of infected computers, Prolexic said.
Prolexic based its report on attacks it saw over the last six months.
Copyright 2005 Reuters Limited.
NOTE: For more telecom/internet/networking/computer news from the daily media, check out our feature 'Telecom Digest Extra' each day at