Internet ‘bystanders’ affected as massive cyberattack hits Spamhaus

Networked ComputerThe Internet is under the worst cyberattack ever, experts said Wednesday.

Spam-fighting organization Spamhaus is being targeted with a massive  cyberattack that experts say may be the biggest in the history of the web. The  so-called distributed denial of service attack, or DDoS, uses networks of  computers to point huge volumes of web traffic at a company’s server, a  technique that invariably knocks their computers offline.

Picture trying to take a sip from Niagra Falls and you’ll get the idea.

‘If the Internet felt a bit more sluggish for you over the last few  days in Europe, this may be part of the reason why.’

– Matthew Prince, CEO of net security firm CloudFlare

The DDoS attack being waged against Spamhaus has reached a previously unheard  of magnitude, according to Patrick Gilmore, chief architect at digital content  provider Akamai. Recent cyberattacks — like the ones that caused persistent  outages at U.S. banking sites late last year — tend to peak at 100 billion bits  per second. The attack on Spamhaus clocked in at 300 billion.

“It’s the largest publicly announced DDoS attack in the history of the  Internet,” Gilmore said to the New York Times.

Even that tremendous number might not truly reflect the scope of the attack,  however.

“It was likely quite a bit more, but at some point measurement systems can’t  keep up,” said Matthew Prince, chief executive of security firm CloudFlare that  was brought in to help Spamhaus weather the assault.

The massive cyberattack is apparently from groups angry at being blacklisted  by the Geneva-based spam fighter — and the digital assault is so great that  Gilmore said the electronic onslaught was affecting others across the  Internet.

Users could experience slower Internet or be subjected to unwanted emails, he  said.

“If the Internet felt a bit more sluggish for you over the last few days in  Europe, this may be part of the reason why,” Prince wrote in a blog post on his  company’s site.

A man who identified himself as Sven Olaf Kamphuis said he was in touch with  the attackers and described them as mainly consisting of disgruntled Russian  Internet service providers who had found themselves on Spamhaus’ blacklists.  There was no immediate way to verify his claim.

He accused the watchdog of arbitrarily blocking content that it did not like.  Spamhaus has widely used and constantly updated blacklists of sites that send  spam.

“They abuse their position not to stop spam but to exercise censorship  without a court order,” Kamphuis said.

Gilmore and Prince said the attack’s perpetrators had taken advantage of  weaknesses in the Internet’s infrastructure to trick thousands of servers into  routing a torrent of junk traffic to Spamhaus every second.

The trick, called “DNS reflection,” works a little bit like mailing requests  for information to thousands of different organizations with a target’s return  address written across the back of the envelopes. When all the organizations  reply at once, they send a landslide of useless data to the unwitting  addressee.

CloudFlare also reported that the attack was massive, possibly the biggest  ever.

“We have been told by one major Tier 1 provider that they saw more than  300Gbps of attack traffic related to this attack,” wrote Prince. “That would  make this attack one of the largest ever reported.”

In an interview, Spamhaus’ Vincent Hanna said his site had been hit by such a  crushing wave of denial-of-service attacks and that it was “a small miracle that  we’re still online.”

Hanna said his group had been weathering such attacks since  mid-March.

Gilmore of Akamai was dismissive of the claim that Spamhaus was biased.

“Spamhaus’ reputation is sterling,” he said.

The Associated Press contributed to this report.

Read more:

CED Solutions is a Cisco Learning Partner, Microsoft Gold Learning Partner and the #1 location for Microsoft Certifications in North America.  CED Solutions is a Platinum CompTIA Partner and is one of the largest providers of training in North America.  The Atlanta facility provides IT training for up to 490 students per day, with three buildings dedicated to training. CED Solutions provides training for up to 10,000 students per year and students take up to 800 certification exams every two weeks.

Find out more about CED Solutions’ Security Training and Certification classes for:  A+,  Network+,  Security+,  CISSPCASP,  Ethical Hacking, Computer Forensics, and many more.  Call today to find out about multiple student and military pricing onsite at your location.

CED Solutions provides training and certification for Microsoft MCSA: Windows 2012 Server; MCSA: Windows 2008 Server; MCSA: SQL 2012 Server; MCSE: Business Intelligence SQL 2012 Server; MCSE: Data Platform SQL 2012 Server; MCSE: Desktop Infrastructure Windows 2012 Server; MCSE: Server Infrastructure Windows 2012 Server; MCPD: 6 Cert Visual Studio Developer; MCSD: Windows Store Apps C#; MCSD: Windows Store Apps HTML5; IT Healthcare Technician and many more.


Share this post