icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
27 Mar, 2013 17:44

Spam no more: 'Biggest' cyber-attack in history grips web

The cyber-attack – dubbed by many to be the biggest in history – has caused a worldwide Web slowdown, as the battle between an anti-spam group and a Dutch web host continues to heat up.

The attack is believed to be the largest-ever distributed-denial-of-service (DDoS) cyber-assault in history, and was sparked when the non-profit group Spamhaus earlier this month placed CyberBunker on its real-time blacklist of sites to be blocked for spreading spam. 

The (DDoS) attacks – which flood targeted web servers with fake traffic to make them inaccessible – have reportedly caused millions to experience delays with services such as the Netflix video-streaming service and made other sites temporarily unavailable. Experts fear the web congestion could lead to banking and email system slowdowns around the world.

Spamhaus servers were at one point being inundated with 300 billion bits per second (300Gbps) of data, three times larger than the previous record attack of 100 Gbps, Darren Anstee from Arbor Networks Solutions told IBTimes UK.

Image from cyberbunker.com

Spamhaus, which helps email providers filter out spam and other questionable content, first reported the attacks on March 20.

Kaspersky anti-virus giant’s experts confirmed to RT that this was one of the largest DDoS operations to date “based on the reported scale of the attack, which was evaluated at 300 Gigabits per second.

“The data flow generated by such an attack may affect intermediate network nodes when it passes them, thus impeding operations of normal web services that have no relation to Spamhaus or Cyberbunker,” corporate communications manager at Kaspersky, Yuliya Krivosheina, wrote in a statement for RT. “Therefore, such DDoS attack may affect regular users as well, with network slowdown or total unavailability of certain web resources being typical symptoms.”

Kaspersky warned that there may be further disruptions on a larger scale as the attack escalates.

“In general, attacks of this type are growing in terms of quantity as well as scale,” the statement reads. “Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks.”

Meanwhile, Steve Linford, chief executive for Spamhaus, told the BBC that this scale of attack could knock down government Internet infrastructure.

"If you aimed this at Downing Street they would be down instantly," he said. "They would be completely off the Internet."

Linford noted that “when there are attacks against major banks, we're talking about 50 gbs."

Five separate cyber-police-forces are investigating the incident, he added, though he could not disclose any further details.

Spamhaus further accused Cyberbunker of collaborating with criminal gangs from Eastern Europe and Russia to carry out the attacks.

Image from cyberbunker.com

‘Cyberbunker not behind current attacks’

Cyberbunker, which operates out of a "secretive nuclear bunker," prides itself on rebuking "authorities regarding the rights of individuals. " The firm, boasts they will provide bandwidth to anything but child pornography or terrorism related content.

Sven Olaf Kamphuis, an internet activist and self-described spokesman for Cyberbunker, reportedly told the New York Times the ongoing attack was retaliation for Spamhaus "abusing their influence." However, later on Wednesday Kamphuis told RT's news video agency RUPTLY via Skype that quotes attributed to him by the NYT were part of a campaign of “misinformation” against Cyberbunker, which he says is not currently carrying out DDoS attacks against Spamhaus.

“There has been some misinformation from the New York Times that it’s me carrying out the attacks. Spamhaus have pissed off a lot of people over the past few years by blackmailing ISPs and carriers into disconnecting clients without court orders or legal process whatsoever,” he said.  

“At this moment we are not even conducting any attacks because people from our group stopped any attack yesterday morning,” he said. “So if they are still under attack which I think they are because I get news feeds that they are still under attack then it’s now other people attacking them.” He argues that such publicized cyber-attacks do serve a function, as they put the “mafia tactics” of Spamhaus in the public spotlight, which he claims are currently “the largest threat” to Internet freedom.  

“Well, I think the cyber-attacks do put things under public discussion and that in the case of Spamhaus was urgently needed, because they have been operating in the background, claiming to be spam fighters and a little non-profit and at the moment it is becoming all the more clear what they really are. People that work at internet providers have always known this,” Kamphuis said.

“People who work at abuse desks or as providers, know that if you don’t give Spamhaus their way, they will list your entire provider and at that point all of your customers will start to complain that 1/3 of the internet no longer accepts email to start with. If they put you on drop a whole bunch of American providers no longer accept your backups, so you can no longer communicate with half of the sites hosted in the United States. It is a massive problem when one little offshore from the Bahamas gains such an influence on the internet that they can have such an impact.”

Image from cyberbunker.com