Hackers mount widespread cyber attack
By Bede McCarthy in London and Richard Waters in San Francisco
Hackers have hit a European anti-spam group with a cyber attack so large that experts say it could slow down the internet itself.
The original target was Spamhaus, which said it had been subject to large-scale distributed denial of service (DDoS) attacks for the past week. Such attacks overwhelm servers by bombarding them with spurious requests simultaneously from computers all over the internet.
According to security companies monitoring the attack, it has risen in scale from 10 gigabits per second of data to 300Gbps, making it one of the largest of its kind and about six times the size of most such incidents.
Cloudflare, a security company hired by Spamhaus to fight off the bombardment, said the attack ceased on March 21 but resumed the next day with increased power, targeting Cloudflare’s network providers in an effort to neutralise the defence.
The company said the result was that the attack moved up the chain to the so-called Tier 1 providers, who service the internet with raw bandwidth. In effect, all internet users were sharing the increased load.
“While we don’t have direct visibility into the traffic loads they saw, we have been told by one major Tier 1 provider that they saw more than 300Gbps of attack traffic related to this attack. That would make this attack one of the largest ever reported,” Cloudflare said.
Spamhaus’ volunteers maintain a list of internet addresses known to be used for spam, enabling users of its service to filter out large amounts of junk or infected email. As a result it has many enemies, and has accused one such blocked site of colluding with online criminals in eastern Europe and Russia to launch the attack.
However, the attack has failed to bring the address-blocking service offline. ““We’re up – they haven’t been able to knock us down. Our engineers are doing an immense job in keeping it up – this sort of attack would take down pretty much anything else,” Steve Linford, chief executive for Spamhaus, told the BBC in London.
Raj Samani, McAfee’s chief technology officer in Europe, said an attack of this scale was likely to affect all internet users, from consumers to small and large businesses. “We are seeing an increase in volume and sophistication of these types of attacks stemming from all parts of the world,” he said.
Kaspersky Lab, another security company, said that owing to the nature of the internet the attack would probably impede normal web services for users of other sites, not just Spamhaus. Users may experience a slow network or total unavailability of certain websites.
Although many users have experienced delays in bandwidth-hungry services such as Netflix, Thinkbroadband, a broadband consultancy in the UK, said its tests showed no evidence that internet speeds had been slower.