Massive cyberattack slows Internet in Europe

A fight between two European companies has significantly slowed the Internet, making it difficult for millions to access Web services such as Netflix, the BBC reported.

According to the report, a Dutch hosting site called Cyberbunker is perpetuating an enormous denial-of-service attack against the anti-spam group Spamhaus. The attack — which is disrupting Spamhaus’s services by flooding the company with traffic — has apparently begun to affect the performance of unrelated services. A look at Akamai’s snapshot of world’s Web traffic shows congestion is up significantly in Western Europe and Britain, where the real-time Web monitor is picking up a nearly 10 percent increase in traffic.

More tech stories

Parking doesn’t have to be a hassle

Parking doesn’t have to be a hassle

Meet the man who wants to make parking in a garage as fun as riding in an Uber.

Big data: A double-edged sword

Big data: A double-edged sword

New information will improve our health and prevent crimes, but uncover skeletons and hurt privacy.

White House updating online privacy policy

White House updating online privacy policy

A new Obama administration privacy policy explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites, and it clarifies that online comments, whether tirades or tributes, are in the open domain.

Spamhaus, which distributes lists of spammers to security firms and others around the world, revealed that it was being targeted last week with a massive attack, which appears to be in retaliation for putting Cyberbunker on its list of bad actors. Cyberbunker is what’s known as a bulletproof host, meaning that the company will willingly host nearly any type of file, regardless of whether the content is strictly legal or not. The company has said, however, that it refuses to host child pornography or “anything related to terrorism.” Still, the company’s activities earned it a spot on Spamhaus’s blacklist, prompting the retaliatory attack.

In a statement to The New York Times, an activist who said he was speaking for the attackers, Sven Olaf Kamphuis, said Spamhaus became a target because they were “abusing their influence.”

What makes this attack so notable is that hackers targeted Domain Name System servers. The Domain Name System, DNS, is like a telephone directory for the Internet, directing users around the Web by translating the everyday Web addresses you type into your computer into numbers that machines can read to direct you to the right place. By targeting these servers — which are vital for the Internet’s operation — the attackers were able to greatly amplify their attack and generate far more traffic than in a normal denial-of-service attack.

It’s a type of attack that security researchers have been dreading, said Chester Wisniewski, an expert at the security firm Sophos, which subscribes to Spamhaus’s services.

“I’ve been waiting for this moment,” Wisniewski said. “It’s not difficult to do [an attack like] this, we just hadn’t seen one before.”

The problem, he said, is that many DNS servers aren’t set up correctly, making them vulnerable to being used in these kinds of attacks. The security community has been working to get these servers configured in a way that keeps them from being used in these large-scale attacks, but it’s been a slow road, as fixing the problem requires dealing with a lot of system administrators and Internet service providers.

Wisniewski said that he expects there will be more attacks like this in the future, and that the traffic generated by these attacks could affect a larger portion of the world’s Web traffic.

“We are likely to see it again,” he said. “The only way to deal with it is wrangle all those system administrators out there to make sure that their systems are properly configured.”

 
Read what others are saying