By Chris Gayomali
Things on the web feel a little sluggish yesterday? You weren't imagining things. Security experts claim that the largest cyberattack in Internet history happened yesterday, slowing services like Netflix to a crawl and making other global websites completely unreachable. The traffic jam was all due to a very public spat between a Dutch webhosting company and a quiet spam-fighting organization. Here's what you need to know.
What's going on?
Spamhaus is a non-profit that — you guessed it — helps organizations fight spam and other unwanted stuff by providing them with content filters. The company keeps tabs of malicious servers on exhaustive blacklists. The trouble began when Spamhaus blacklisted a Dutch company called Cyberbunker, a service that offers hosting to any kind of website "except child porn and anything related to terrorism." A Cyberbunker spokesman said that Spamhaus was abusing its power, and should not be allowed to decide "what goes and does not go on the Internet."
So who's attacking whom?
Spamhaus says Cyberbunker has been retaliating with a powerful denial of service, or DDoS, attack. The attacks, which Spamhaus claims started on March 19, are reaching "previously unknown magnitudes, growing to a data stream of 300 billion bits per second," says the New York Times. (For comparison, similar DDoS attacks that crippled major banks peaked at 50 billion bits.) "It's a real number," says Patrick Gilmore, chief architect of Akamai Technologies, a digital content provider. "It is the largest publicly announced DDoS attack in the history of the Internet."
So Cyberbunker is attacking Spamhaus directly?
Not exactly. Cyberbunker doesn't appear to be responding to anyone's request for comment. Spamhaus, on the other hand, asserts that Cyberbunker was cooperating with "criminal gangs" from Eastern Europe and Russia to coordinate the DDoS attacks. These attacks are said to be organized by "swarms of computers called botnets," says the Times. The technique "uses a long-known flaw in the Internet's basic plumbing," akin to "using a machine gun to spray an entire crowd when the intent is to kill one person." In other words, it's causing a major data pile-up.
Who are these attacks affecting?
Not to get too technical, but the reason these attacks are so crippling is because they flooded Spamhaus' Domain Name System, or DNS, with massive amounts of its own data. Spamhaus hosts 80 servers around the world, and hackers "target[ed] every part of the Internet infrastructure that they feel can be brought down," says Steve Linford, chief executive of Spamhaus. As such, millions of Internet users trying to access the web could have experienced delays. Security experts are concerned that as the attacks get more powerful, basic Internet services like email and banking may be jeopardized.
Who first discovered it?
The attacks were first mentioned publicly by a Silicon Valley firm called CloudFare, which was hired by Spamhaus for security. However, in trying to defend against the DDoS attacks, it, too, ended up being attacked. "These things are essentially like nuclear bombs," said CloudFlare chief executive Matthew Prince. "It's so easy to cause so much damage." Other companies like Google did their part to keep the Internet held together, and lent Spamhaus resources to "absorb all this traffic."
More from The Week...
Scientists Discover a New Breed of Mini-Supernovas
Why the FAA is Closing 149 Airport Control Towers
How One Prisoner's Hand-Written Petition Won Him a Supreme Court Case