Anti-spam group Spamhaus fought a major cyber attack over the past few weeks. Despite help from CloudFlare, the attack slowed connections for millions of people. The attack is currently under investigation by a number of international cyber-crime departments.
How do these attacks work?
Spamhaus made some enemies, which isn’t surprising. The group blacklists servers that it believes host spam sites. And a few weeks ago, someone started retaliating with a DDoS attack, or a distributed denial of service attack. These attacks can be ruthlessly effective because they are unpredictable and can quickly clog up targeted websites.
“These things are essentially like nuclear bombs,” Matthew Prince, the chief executive of CloudFlare, said of the attacks.
So how does a nuclear bomb for the Internet work? The attacker overwhelms its target by sending more traffic its way than it can handle. DDoS attacks are old hat and fairly well known now, thanks to a spree of them last year, but the significant thing about this attack was how much the traffic spiked:
You’re probably wondering why sites like Netflix get harmed in this type of attack. While some DDoS attacks tend to only affect a few targeted servers, the specific type of DDoS attack in this situation – something called a DNS (Doman Name Server) attack – data packets flood servers from all over the world, so it’s hard to contain.
So who’s behind the attacks?
It looks like we have a Dutch villain on our hands. The attacks started shortly after Spamhaus blacklisted Dutch web host Cyberbunker, known for its lax attitudes toward the content it allows (basically, everything but child porn).
Sven Olaf Kamphuis, a man who claims to represent Cyberbunker, characterized the attacks as a retaliation, and accused Spamhaus of abusing its position on the Internet. Mr. Kamphuis responded to requests for comments. Cyberbunker didn’t admit or deny the charges, telling Digital Trends “The only thing we would like to say is that we (including our clients) did not, and never have been, sent any spam. We have no further comment.”
Last but not least: should you be worried?
If you’re already stressed about the covert cyber war China’s apparently waging on the U.S., this is probably the last thing you want to hear. The fact that an organization is capable of an attack of this magnitude is very troublesome – Spamhaus is managing it with the help of CloudFlare, but if the target was a government or another organization, connection problems could be even more severe. This attack ushers us into an era of elevated possibilities for cyber attacks – and even though the beef this time is between two groups most of us have nothing to do with, it’s creating a lot of collateral damage.
Spamhaus chief executive Linford told BBC how an attack of this nature would harm the British government: “If you aimed this at Downing Street they would be down instantly […] They would be completely off the Internet.”
There’s not much point in worrying about it though – unless you’re a cyber crime expert, you won’t be abe to do anything about connection problems you have during this type of attack.
NATO recently published guidelines for cyber attacks, stressing the importance of leaving civilians out of cyber warfare. Of course, when the battle is between two non-governmental organizations, it’s not likely these rules will get followed. But at least it’s comforting to know that states will attempt to keep your Law and Order: SVU obsession going strong by avoiding the troubles caused by the current attack.