‘Biggest cyber attack in history’ slows down internet worldwide
Onslaught, believed to be the work of spammers, has been likened to
series of digital ‘nuclear bombs’
Internet users worldwide are having to endure slow connections after
the biggest cyber-attack in history.
The attackers are throwing so much digital traffic at online networks
that they have reportedly disrupted access to popular sites such as
Netflix, the on-demand TV streaming service. There were fears that any
worsening of the attack could affect web browsing and emails.
The onslaught has focused attention on the extent to which modern
communications depend on the internet. Matthew Prince, chief executive
of CloudFlare, one of the firms dealing with the assault, likened it to
a series of digital “nuclear bombs”. “It’s so easy to cause so much
damage,” he added.
The attack is believed to have begun last week, when Spamhaus, an
anti-spam organisation, was hit by a wave of digital traffic that
knocked its website offline. The body draws up lists of the servers used
to send spam messages around the world. Email administrators use these
lists to block spam.
But last week one of the spammers irked by Spamhouse’s work is
believed to have launched the massive distributed denial of service, or
DDoS, attack to bring down the anti-spam group.
Pretending to be Spamhaus, the attackers sent a series of data
requests to DNS servers, which help direct web traffic around the world.
While many of these servers can only be accessed by authorised users,
thousands are “open” and can be targeted by attacks like those that
first struck last week.
After receiving what they thought were legitimate requests, the
servers responded by sending the required data to Spamhaus, which could
not deal with the wall of information that suddenly came its way. The
attack, which still had not been fully dealt with last night, was so
large that it began clogging up the DNS servers. This in turn slowed
down replies to the ordinary internet users, hitting connections
worldwide.
Spamhaus said it does not yet know who carried out the attacks. “A
number of people have made claims to be involved,” it said in an email
statement yesterday. “At this moment it is not possible for us to see if
they really are.”
Cyberbunker, a web hosting service based in the Netherlands, has been
named by reports as a potential culprit. It was recently added to one of
Spamhaus’s anti-spam lists. With more than 10,000 dedicated servers, and
housed in a disused nuclear bunker, it offers anonymous hosting to its
customers. Its website states: “In most cases we have no idea who or
where our customers actually are. We do not known and we simply don’t
care.”
The company did not immediately respond to a request for comment.
Byte-mare: how the attack worked
The attackers tried to overwhelm their target by sending it heavy
traffic.
A flood of requests to view a site at the same time will exceed its
capacity - stopping it from loading.
Spamhaus sought greater capacity, turning to CloudFlare, which can
spread the traffic over a larger bandwidth. However, the attackers began
targeting their attacks so they would be concentrated. This congestion
was so heavy that it overwhelmed DNS routers, used to direct internet
traffic.
- The Independent
|