A cyber attack, believed to be the biggest yet, slowed down the global internet yesterday, leading to ripple effects felt by millions of users worldwide.
An argument between two computer groups triggered a revenge attack — a strike on such a scale that it could take down the websites of many of the world’s leading governments, companies and banks, say to security experts.
The size of the online barrage meant that other internet users felt its affects, slowing access to many websites and popular services such as Netflix, the film and television player. Experts said that if the attacks continue to escalate, e-mails, messaging and banking services could be disrupted.
The target is believed to be Spamhaus, a not-for-profit organisation based in London and Geneva that helps e-mail groups filter spam and other malicious content. The group has created enemies by creating “blacklists”, a database of organisations that it accuses of being malevolent actors.
Recently, Spamhaus put a company called Cyberbunker, a Dutch internet hosting company, on its blacklists. Cyberbunker, named after its headquarters at a five-storey former Nato bunker, is known as a “black hat” host — offering hosting services to any website “except child porn and anything related to terrorism”, according to its website. Spamhaus alleges that Cyberbunker launched the attack in retaliation. Attempts were made by The Times to contact Cyberbunker but it did not respond.
Steve Linford, the chief executive of Spamhaus, told the BBC that the attack had been taking place for “well over a week”, but that its defences had held so far, with the attackers unable to take its services down. Five national police forces were investigating the incident, he said.
Experts said Spamhaus was undergoing a special type of Distributed Denial of Service (DDoS) attack, where a victim is flooded with large amounts of traffic to bring down its internet services.
Rik Ferguson, a senior analyst for Trend Micro, the computer security specialists, said the attackers were using a “DNS reflection attack”.
In this method, perpetrators pretend to be their victim. The attacker uses the victim’s IP address to send a question to a DNS server, vital to run the internet. These questions demand a big response, resulting in data flooding the victim with huge amounts of traffic.
Spamhaus claims that the attacks are peaking at 300 gigabits per second. “That would take down most Fortune 500 companies,” said Mr Ferguson. “It would even take some countries offline. It’s a big, big attack, which is why it’s had repercussions across the rest of the web. I can’t think of an attack bigger than this.”
The cyber attack is being felt by other users because the traffic flows through the global internet infrastructure — the same pipes that physically connect the world’s computers.
The attacks were first reported last week by CloudFlare, a Californian internet security company that was trying to defend against the attacks. Instead, it too became a target. “These things are like nuclear bombs,” Matthew Prince, chief executive of CloudFlare, told The New York Times. “It’s so easy to cause so much damage.”
0 comments:
Post a Comment