What will reduce the attacks?
Actually punishing those who cause or allow them to occur.
I can't tell you the number of times that I've called ISPs about DDoS attacks and spam coming from their domain...within the United States...and they say "Well, we need a log of all the activity and..." and want *your* proof when all they need do is look at their own router logs...being they were the point of origin.
In addition, it has to be a global effort and not just pocketed. I can't tell you the number of offers I get from my long-lost cousin in Nigeria who has $15M for me...just as long as I'll give him my social security number, and bank account and routing numbers for my account.
Simply put, we need to punish...tangibly and effectively...a) those who commit the crimes, and b) those whose negligence and inaction make a haven for such crime to be facilitated.
Otherwise...the ilk will continue their free march to do their harm to their heart's content.
