A London and Geneva-based anti-spam group is claiming that for the last week it has been sustaining an attack from a Dutch Internet hosting company. The attack has been called the largest “in the history of the Internet.”
BBC reported the spam-filtering non-profit Spamhaus added Cyberbunker, a company that hosts everything except child pornography and terrorism-related content, to is blocklist. Spamhaus now alleges that Cyberbunker with Russian “criminal gangs” is issuing a consistent distributed denial of service (DDoS) attack. The attack was launched, Cyberbunker’s spokesman Sven Olaf Kamphuis said, because Spamhaus was wrong in using its spam-blocking powers to police content on the Web.
“Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet,” Kamphuis said, according to the New York Times. “They worked themselves into that position by pretending to fight spam.”
The fight between the two goes back to 2011, when Spamhaus accused Cyberbunker of hosting spammers and requested its Internet Service Provider, A2B, take it down. A2B didn’t completely comply and Spamhaus listed A2B on its blacklist. A2B filed police reports in 2011 accusing Spamhaus of blackmail. Now the issue is coming to a head further since Cyberbunker was added to Spamhaus’ blacklist in March 2013.
A DDoS attack is one where a large influx of traffic is sent to overload servers, denying service to actual visitors to the site. Attacks like this are frequently what those in the hactivist collective Anonymous have used to down websites temporarily in the past.
“If you imagine it as a motorway, attacks try and put enough traffic on there to clog up the on and off ramps,” BBC reported University of Surrey professor Alan Woodward saying as he described this type of attack. “With this attack, there’s so much traffic it’s clogging up the motorway itself.”
Spamhaus Chief Executive Steve Linford said the attack is directed at 80 Domain Name System servers and that it would be strong enough to take down a government’s Internet infrastructure, BBC reported. The New York Times explains further how the attack on DNS systems is more forceful, compared to a DDoS attack on just a website:
A typical denial-of-service attack tends to affect only a small number of networks. But in the case of a Domain Name System flood attack, data packets are aimed at the victim from servers all over the world. Such attacks cannot easily be stopped, experts say, because those servers cannot be shut off without halting the Internet.
“The No. 1 rule of the Internet is that it has to work,” said Dan Kaminsky, a security researcher who years ago pointed out the inherent vulnerabilities of the Domain Name System. “You can’t stop a DNS flood by shutting down those servers because those machines have to be open and public by default. The only way to deal with this problem is to find the people doing it and arrest them.”
Still, although service has been slowed because of the attack — streaming services like Netflix have been impacted, as could email and banking services — Spamhaus said they have not been completely knocked off thanks to the work of the non-profit’s engineers.
BBC went on to report Linford saying sites like Google, which use Spamhaus to filter malicious content, have devoted resources to help take on all the attack’s traffic. CloudFlare was enlisted to help mitigate the attacks as well.
With some Internet users getting stuck in the middle of the feud with slower service, who is in the right here — Spamhaus or Cyberbunker? The New York Times reported Patrick Gilmore with digital content provider Akamai Networks saying Cyberbunker is mad because “they got caught.”
“They think they should be allowed to spam,” Gilmore continued, confirming it to be the “largest publicly announced DDoS attack in the history of the Internet.”
The attack is so large that innocent bystanders online have been affected as well.
(H/T: Drudge Report)