The attackers are throwing so much digital traffic at online networks that they have reportedly disrupted access to popular sites such as Netflix, the on-demand TV streaming service. There were fears that any worsening of the attack could affect web browsing and emails.
The onslaught has focused attention on the extent to which modern communications depend on the internet. Matthew Prince, chief executive of CloudFlare, one of the firms dealing with the assault, likened it to a series of digital “nuclear bombs”. “It’s so easy to cause so much damage,” he added.
But last week one of the spammers irked by Spamhaus’s work is believed to have launched the massive distributed denial of service, or DDoS, attack to bring down the anti-spam group.
Pretending to be Spamhaus, the attackers sent a series of data requests to DNS servers, which help edirect web traffic around the world. While many of these servers can only be accessed by authorized users, thousands are “open” and can be targeted by attacks like those that first struck last week.
After receiving what they thought were legitimate requests, the servers responded by sending the required data to Spamhaus, which could not deal with the wall of information that suddenly came its way. The attack, which still had not been fully dealt with on Wednesday, was so large that it began clogging up the DNS servers. This in turn slowed down replies to the ordinary internet users, hitting connections worldwide.
Spamhaus said it does not yet know who carried out the attacks. “A number of people have made claims to be involved,” it said in an email statement on Wednesday. “At this moment it is not possible for us to see if they really are.”
Cyberbunker, a web hosting service based in the Netherlands, has been named by reports as a potential culprit. It was recently added to one of
Spamhaus’s anti-spam lists. With more than 10,000 dedicated servers, and housed in a disused nuclear bunker, it offers anonymous hosting to its customers.
Its website states: “In most cases we have no idea who or where our customers actually are. We do not known and we simply don’t care.”
The company did not immediately respond to a request for comment.
No comments:
Post a Comment