Sign in with
Sign up | Sign in

The Biggest DDoS War Ever is Slowing Down Internet

By - Source: The New York Times | B 37 comments

It's the largest DDoS attack ever!

It's dubbed as the largest distributed denial of service (DDoD) attack in the history of the Internet, reportedly slowing down portions of the Web for brief periods of time across the globe. Anti-spam service Spamhaus is the target, suffering daily attacks since March 19 that have generated up to 300 Gbps of DDoS traffic.

The attacks reportedly began after Spamhaus added the Dutch company Cyberbunker to its blacklist. Cyberbunker is a five-story former NATO bunker in the Netherlands which hosts websites except for those related to porn and terrorism. Some of these sites have been labeled as "eclectic" and noted as alleged major spammers.

Sven Olaf Kamphuis, an Internet activist speaking for the attackers, said that Cyberbunker is virtually pounding Spamhaus for abusing its influence on the Internet. "We are aware that this is one of the largest DDoS attacks the world had publicly seen."

These attacks started small in bandwidth, but rose from 10 Gbps to over 90 Gbps between March 19 and March 22. Once the attackers discovered their onslaught wasn't enough to knock Spamhaus offline, they went after the upstream service providers.

"As the attacks have increased, we've seen congestion across several major Tier 1s, primarily in Europe where most of the attacks were concentrated," said Matthew Prince, CEO of CloudFlare, an Internet security firm based in San Francisco that has been helping Spamhaus over the past few days. The company first mentioned the attacks last week, and has thus become one of the targets.

"These things are essentially like nuclear bombs," he added. "It’s so easy to cause so much damage."

In the typical DDoS scenario, attackers take down a target network by bombarding it with useless traffic generated by large botnets. This attack essentially clogs up the virtual lanes and causes the server to either fall offline or prevent visitors from accessing the site.

In the case of Spamhaus, the attackers are using DNS reflection to generate massive streams of DDoS traffic. Fake domain name requests are sent to DNS servers, which in turn send a flood of responses to a target server or network. In this case, the DNS servers think the requests came from Spamhaus, but they really didn't; they got a flood of responses to the anti-spam firm anyway.

"The vast majority of the traffic was caused by open DNS resolvers," Prince said. "What's spooky here is that only a tiny fraction of the 21.7 million open DNS resolvers on the Internet were used [to generate the traffic against Spamhaus]."

Once Spamhaus came to CloudFlare requesting help, the attackers focused their efforts on both companies. In the process, millions of Internet users have complained of poor performance in Netflix and Hulu Plus, or they have been unable to access specific websites for a short time.

Patrick Gilmore, chief architect at Akamai Networks, told the New York Times that Spamhaus' role is to generate a list of Internet spammers. Cyberbunker got mad because it was added, and decided to retaliate. "To be frank, they got caught," he said. "They think they should be allowed to spam."

"Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet,” added Cyberbunker rep Kamphuis. "They worked themselves into that position by pretending to fight spam."

Several Internet engineers told the New York Times that the big issue facing the Internet today is that ISPs have no way of confirming that traffic leaving their networks is actually coming from their own users.

Contact Us for News Tips, Corrections and Feedback

Discuss
Display all 37 comments.
This thread is closed for comments
Top Comments
  • 28 Hide
    bystander , March 28, 2013 5:37 PM
    If anyone thought Cyberbunker wasn't a problem before, they don't have a doubt now. Way to show them what you are.
  • 26 Hide
    twisted politiks , March 28, 2013 5:34 PM
    Wow, what a bunch of immature people Cyberbunker is. They send out spam, nobody wants it, so naturally they will become blacklisted. I would urge Spamhaus to ride out the waves of DDoS attacks until, hopefully, Cyberbunker goes bankrupt from being unable to spam to anybody anymore :p 
  • 23 Hide
    FloKid , March 28, 2013 6:27 PM
    Biggest cyberwar and it's over spam
Other Comments
  • 26 Hide
    twisted politiks , March 28, 2013 5:34 PM
    Wow, what a bunch of immature people Cyberbunker is. They send out spam, nobody wants it, so naturally they will become blacklisted. I would urge Spamhaus to ride out the waves of DDoS attacks until, hopefully, Cyberbunker goes bankrupt from being unable to spam to anybody anymore :p 
  • 28 Hide
    bystander , March 28, 2013 5:37 PM
    If anyone thought Cyberbunker wasn't a problem before, they don't have a doubt now. Way to show them what you are.
  • 20 Hide
    i eat ddosses for lunch , March 28, 2013 6:27 PM
    "We're innocent, we're innocent, we don't spam at all!!" *meanwhile* DDoS'ing the shit out of the internet...

    How stupid do people think we are?
  • 23 Hide
    FloKid , March 28, 2013 6:27 PM
    Biggest cyberwar and it's over spam
  • -6 Hide
    thecolorblue , March 28, 2013 6:34 PM
    ""These things are essentially like nuclear bombs," he added. "It’s so easy to cause so much damage."

    what a fu***** inbred moron. how many people have ddos attacks murdered lately? how many mutated babies have been born? Matthew Prince, CEO of CloudFare you are a fu**ing !d!ot.
  • 4 Hide
    nforce4max , March 28, 2013 6:48 PM
    One day it all will be gone and pitiable games like this will be remembered not.
  • 9 Hide
    JJ1217 , March 28, 2013 6:52 PM
    FloKidBiggest cyberwar and it's over spam


    I could not have said it better. There are so many more things to fight about.. and its about this...
  • 4 Hide
    NightLight , March 28, 2013 6:53 PM
    yeah, i think someone should cur the hardlines to those assholes!
  • 1 Hide
    NightLight , March 28, 2013 6:53 PM
    *cut*
  • -1 Hide
    therabiddeer , March 28, 2013 7:55 PM
    thecolorblue""These things are essentially like nuclear bombs," he added. "It’s so easy to cause so much damage."what a fu***** inbred moron. how many people have ddos attacks murdered lately? how many mutated babies have been born? Matthew Prince, CEO of CloudFare you are a fu**ing !d!ot.

    If it were actually impacting the global internet, it is possible it hurts people. Some hospitals use it to look up drug information, others rely on it completely for patient records and such. A lot of companies use VoIP for phone services too.

    However, this is all a sham anyway. The only place where it possibly slowed down is for the dutch. Nobody else noticed slow internet except via coincidence. Some speculate that this is even a publicity stunt by CloudFlare.
  • 2 Hide
    A Bad Day , March 28, 2013 8:36 PM
    thecolorblue""These things are essentially like nuclear bombs," he added. "It’s so easy to cause so much damage."what a fu***** inbred moron. how many people have ddos attacks murdered lately? how many mutated babies have been born? Matthew Prince, CEO of CloudFare you are a fu**ing !d!ot.


    Shut down all online commerce for a few days due to Denial of Service attacks being applied indiscriminately.

    Watch the economic damages roll. Amazon, Newegg, every single online retailer would essentially shut down.

    And that's not including VoIP, including 9/11 services or other companies that use the internet extensively for data transfer.
  • 2 Hide
    guardianangel42 , March 28, 2013 8:38 PM
    These hackers don't have any concept of foresight. Do they honestly believe stuff like this is going to work? Do they honestly believe it will get them what they want?

    You think SOPA and PIPA were bad? What do you think will happen when the next largest DDoS attack happens? This one at least partially brought down the internet of a whole geographical region. Do you honestly think that legislators are going to continue to let stuff like that slide?

    Sooner or later a group of politicians without a long-viewed bone in their body is going to write a bill that will "put a stop" to this sort of thing. Do you honestly think the entire internet banding together to protest is going to dissuade them?

    They'll write a bill that is the definition of overcompensation, and in the end we'll look back on SOPA and PIPA as if they were old and slightly deranged friends.

    DDoS attacks like this really are like Nukes. Set one off and suffer through a slew of unintended consequences.

    We dropped two on Japan to end a war quickly and ended up creating the single most drawn out and terrifying conflict in history to date. One man wants to test his new toys and the rest of the world is left to deal with a Cold War.

  • 3 Hide
    JackFrost860 , March 28, 2013 8:40 PM
    people that execute DDoS attacks and Spammers should both be put into jail. Laws need to be updated, so that something can be done to get ride these two internet blights.
  • -2 Hide
    JonnyDough , March 28, 2013 8:42 PM
    I just want someone who doesn't have an agenda (other than fighting spam) to fight spam. No pushing their personal perspectives, except for the one that everyone but criminally minded ass-hats agree is universally annoyingly disruptive, and that's spam.
  • 3 Hide
    hoofhearted , March 28, 2013 8:58 PM
    A cruise missile inside the Cyber Bunker would be a good start.
  • 2 Hide
    kinggraves , March 28, 2013 9:31 PM
    hoofheartedA cruise missile inside the Cyber Bunker would be a good start.


    Well they are in a bunker.

    And that's just the thing. "Cyberwars" are still a joke. A couple assault teams could likely clear that entire building out and leave a mountain of corpses if they wanted. The only issue is that cybercrime still hasn't been elevated to the stature that it hurts lives and deserves capital punishments. Real war is still physical. A cyberattack like this could cause the internet to crash and some hospitals might not be able to google diagnoses? Who cares? A single modern nuke could wipe out entire cities, millions of lives, in an instant. Enjoy living in your sci fi fantasies where this garbage matters while we continuously ignore the fact Korea is waving a nuke at us and China's stirring up pretty much anything that touches it with their closet Imperialism. Someday you're going to wish your most dire consequence was that your package from Newegg was a day late.
  • -1 Hide
    guardianangel42 , March 28, 2013 9:52 PM
    kinggravesWell they are in a bunker.And that's just the thing. "Cyberwars" are still a joke. A couple assault teams could likely clear that entire building out and leave a mountain of corpses if they wanted. The only issue is that cybercrime still hasn't been elevated to the stature that it hurts lives and deserves capital punishments. Real war is still physical. A cyberattack like this could cause the internet to crash and some hospitals might not be able to google diagnoses? Who cares? A single modern nuke could wipe out entire cities, millions of lives, in an instant. Enjoy living in your sci fi fantasies where this garbage matters while we continuously ignore the fact Korea is waving a nuke at us and China's stirring up pretty much anything that touches it with their closet Imperialism. Someday you're going to wish your most dire consequence was that your package from Newegg was a day late.


    You don't understand how integrated the internet is into our society. In a few years, all hospitals will be referencing patient records off site. A DDoS on a hospital could EASILY kill everyone in the Emergency Room. A DDoS against the servers with the patient information and an entire country would be unable to treat the wounded and ill.

    Why? Because in a few short years, the pursuit of efficiency will have it so that no paper exists in a hospital. The infrastructure for handling patients will be geared toward instantly accessing a prospective patient's personal medical history, their allergies, what medications they're on, what treatments have been tried, all of it.

    Likewise bringing down any other major infrastructure could destroy the way the world functions. Law enforcement would be unable to access records on the road and in the future may even be unable to effectively respond to 911 calls.

    And let's not even talk about enemy nations stealing military secrets. They try, but they fail.

    As much as people Hate America, what do you think would happen if China got a hold of the schematics for stealth technology? What do you think would happen if they got a hold of any other schematics for any other military technology? You think they'd be as benevolent with it as we have been?

    If they didn't sell it immediately, they'd build it themselves. And China with a technological advantage is a scary thing.

    The worst thing you can do is underestimate the amount of damage that can be done by this sort of "warfare". You hear about petulant man children and their crusades against various injustices but not the successful cyber-espionage conducted by China against american companies nor the daily breaching attempts made against every US government organization.

    As the methodology becomes more advanced, the threat level rises. To underestimate it is to doom yourself.

  • 2 Hide
    billyboy999 , March 28, 2013 9:59 PM
    JJ1217I could not have said it better. There are so many more things to fight about.. and its about this...

    Spam is money, and money is a pretty reasonable thing to fight over.
  • 2 Hide
    tokencode , March 28, 2013 10:16 PM
    This is easy, who are their upstream providers? All major ISPs should threaten to blackhole the upstreams unless they discontinue service to their customer is they have been repeatedly warned and not acted. This may not stop the DDoS attack, but it will cut off their line of revenue. The next step is to file charges against the owners.
Display more comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter