Sunday, 31 March 2013

DDOS attack 2013: Understanding the SpamHaus internet attack


It was simply unprecedented and so far intensity had never been so high. but this time it seems the slowdown brought the world to its kneeds, almost. DDOS attack 2013 was sort of unprecedented. Here we try to understand the SpamHaus internet attack
The biggest ever Distributed Denial of Service attacks by Dutch web host CyberBunker against anti-spam agency SpamHaus was carried out last week. However, most of us were almost unaware of such massive DDoS attack.
In fact, the attacks generated so much Distributed Denial of Service traffic that they slowed down various sectors of the Internet for a small period of time. Many of the ordinary users experienced interruptions in service or even could not open a website for a short period of time.
However, the problem seemed more troublesome for the Internet engineers who manage the global network. According to some computer experts, the attack seemed to be so powerful that if it continues to shoot up then people around the world may actually not be able to access even basic Internet services such as email, online banking or social networks.
The whole thing started when the anti spam agency, SpamHaus, added the Dutch web host firm CyberBunker to its blacklist which is used by email providers to get rid of spam. The Dutch company, CyberBunker, a five-story former abandoned NATO bunker in the Netherlands, provides web hosting to diverse collection of websites “except child porn and anything related to terrorism,” according to its Web site.
Matthew Prince, Chief Executive Officer of a San Francisco-based company, CloudFlare, that have been helping out SpamHaus for the past few days, said that the DDoS attacks began on March 19 and have produced almost 300 GBps of DDoS traffic but he added that, SpamHaus has not stopped distributing their blacklist.
“We haven’t seen anything larger than this publicly,” Prince said. “Its hard to get an attack this large, because what you end up doing is congesting [portions of the Internet],” Prince said.
According to Prince, the DDoS attacks on SpamHaus were minor initially but gradually got bigger. The DDoS attacks grew from 10GBps to more than 90GBps of traffic from March 19 to March 22.
“These things are essentially like nuclear bombs,” said Matthew Prince of CloudFlare. “It’s so easy to cause so much damage.”
Earlier, blacklisted sites would strike back against Spamhaus with denial-of-service attacks, in which they downpour Spamhaus with traffic requests from personal computers until their servers become inaccessible. However, last week, the assailants smacked back with a powerful strike that subjugated the core infrastructure of the Internet, called the Domain Name System, or DNS.
Sven Olaf Kamphuis, an Internet activist who claimed to be a spokesman for the attackers, said, “We are aware that this is one of the largest DDoS attacks the world had publicly seen.” Mr. Olaf Kamphuis said Cyberbunker was striking back against Spamhaus for “abusing their influence.”
“Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet,” Mr. Olaf Kamphuis said. “They worked themselves into that position by pretending to fight spam.”

No comments:

Post a Comment