By Alexandra Burlacu | Mar 28, 2013 09:26 AM EDT
Internet speeds across the world saw sluggish speeds in what security experts describe as the biggest cyber-attack of its kind in history.
Simply put, a dispute between a spam-fighting group and a hosting firm resulted in retaliation attacks that affected the Internet worldwide. The issue affects popular services such as Netflix and many others, and experts worry the problem could escalate to affect banking and email systems. Five international cyber-police forces are currently looking into these attacks.
Spamhaus, a nonprofit anti-spam organization based in both London and Geneva, aims to help email providers to filter out spam and other types of undesired content. To this endeavor, the organization keeps a number of blocklists, a database of servers known to serve malicious purposes.
As part of this strategy, Spamhaus recently blocked servers maintained by Cyberbunker, a Dutch Web host that claims to host anything except child pornography or terrorism-related content.
Sven Olaf Kamphuis, who says he is a spokesman for Cyberbunker, told the BBC that Spamhaus was abusing its position and should not be able to decide "what goes and does not go on the Internet." Spamhaus, meanwhile, claims that Cyberbunker worked with "criminal gangs" from Eastern Europe and Russia to orchestrate the massive attack.
Last week, Spamhaus contacted CloudFlare for assistance in dealing with a large Distributed Denial of Service (DDoS) attack it was facing. It switched over to CloudFlare's network on March 19. The attack reportedly started out with a 10Gbps flood of traffic, then reached over 100Gbps that same night.
The attack initially took Spamhaus' website down, with the Internet Storm Center independently observing the outage. According to CloudFlare, most of the attack consisted of traffic via the Domain Name System (DNS) reflection technique. Spamhaus CEO Steve Linford told the BBC the scale of the attack was unprecedented.
"We've been under this cyber-attack for well over a week," says Linford. "But we're up — they haven't been able to knock us down. Our engineers are doing an immense job in keeping it up — this sort of attack would take down pretty much anything else."
The executive said he cannot disclose more details because the five forces investigating this attack were concerned they may suffer attacks on their own infrastructure.
The DDoS attack floods the target with large amounts of traffic in an attempt to make it unreachable. In this case, Spamhaus' DNS servers were the target. Those servers make up the infrastructure that joints domain names with the website's numerical IP address.
According to Linford, the attack could be powerful enough to take down government Internet infrastructure. While normally attacks against major banks reach about 50Gbps, he explains, these attacks peak at a whopping 300Gbps.
"If you aimed this at Downing Street they would be down instantly," explains the CEO. "They would be completely off the Internet."
Meanwhile, the attack is affecting Internet services worldwide. Spamhaus says it was able to withstand the attacks due to its highly distributed infrastructure in a number of countries. The organization enjoys support from many of the world's largest Internet companies, as they rely on Spamhaus to filter spam and unwanted material. Linford further told the BBC that several heavyweights such as Google made their resources available to help "absorb all this traffic."
© 2013 Mobile & Apps All rights reserved. Do not reproduce without permission.