The online world is famously anarchic and opposing forces occasionally decide to settle their scores by force.
And that is exactly what happened this week as the spam-fighting group Spamhaus came under a revenge attack by spammers. By all accounts, it was the biggest attack yet seen on the Internet.
At the attack’s peak on March 27, Spamhaus was hit by a torrent of data from hostile spammers that streamed into its servers at the astounding rate of 300 gigabits per second.
David Emm, a senior security researcher at Kaspersky Lab in Oxford, England, says the attack is what's known as a "denial of service attack, a distributed denial of service attack."
"This is basically where somebody who wants to have a negative impact on a computer system or on a particular business or other organization decides to actually stop it from functioning properly,” Emm says.
The attack was astounding because that rate is three times the previous record set for an Internet attack in 2010 and six times the rate usually seen in attacks on major banks.
In the Netherlands, where the party alleged by Spamhaus to have launched the attack is based, the ripple effects were so strong that computer users found the speed of their Internet operations noticeably slower than usual.
In some other parts of Europe, users of popular services such as Netflix, the online movie retailer, reported slow-downs.
Experts worried that had the attacks escalated further, e-mail and banking services also could have also been affected. But by the end of March 27 the attack subsided.
To visualize what happened, one can think in terms of a classic movie-style showdown between cyber-duelists.
Aided By Criminal Gangs
On one side: the spam-fighting nonprofit organization Spamhaus, based in London and Geneva. Its mission: to help e-mail providers filter out the spam that regularly clogs ordinary users’ mailboxes.
And on the other: the spam-hosting company called Cyberbunker, whose Dutch headquarters is located in a five-story former NATO bunker. It advertises its readiness to host any website “except child porn and anything related to terrorism,” restrictions that leave plenty of room for hosting spam of all kinds.
Emm says spammers appear to have targeted Spamhaus because its blacklisting of sites like Cyberbunker directly harms their business profits. He says their goal was to overwhelm Spamhaus with data that it would have to shut down.
Spamhaus says it survived the onslaught thanks to “an immense job” by its engineers. It has also alleged that Cyberbunker was aided by “criminal gangs” from Eastern and Europe in launching the attack. Cyberbunker has yet to reply to the charges.
This week’s attack has already gone down in history as the “biggest ever.” But few computer experts expect it to hold the title for long.
Sam Smith, an expert on Internet privacy at London-based Privacy International, says cyber attacks are inevitably getting bigger as the Internet itself grows larger.
“This is possibly the biggest reported attack in history, as far as we know. However, technology is moving on and the Internet is constantly getting bigger. So, the scale is constantly going up,” Smith says.
One reason attacks grow larger is that those who want to organize attacks have ever more resources for doing so.
Common attack strategies involve manipulating data address codes to redirect Internet traffic to a target or, equally nefariously, infecting ordinary people's computers so they forward spam to desired targets. In either case, the more Internet users there are, the larger is the data torrent that can be created.
As Emm explains, the motives for such attacks vary.
“In this case, we have what seems to have been a revenge attack, but they can also be used for other purposes such as extortion. We have seen that in the past, too, where somebody wants to get money from an organization," Emm says.
"So, what they do is set up their distributed denial of service attack, they flick the switch and start flooding it with traffic, then they turn off the attack and they contact the organization and they say ‘if you don't want that to continue, pay us some money.’”
Could a war on the Internet ever grow so big that it would bring the whole virtual world to a standstill?
Experts say that, for now, it is hard to imagine something on that scale. But as this week’s experience shows, the fallout from even a local war on the Internet can be felt. The fallout from anything larger could be dramatic.
And that is exactly what happened this week as the spam-fighting group Spamhaus came under a revenge attack by spammers. By all accounts, it was the biggest attack yet seen on the Internet.
At the attack’s peak on March 27, Spamhaus was hit by a torrent of data from hostile spammers that streamed into its servers at the astounding rate of 300 gigabits per second.
David Emm, a senior security researcher at Kaspersky Lab in Oxford, England, says the attack is what's known as a "denial of service attack, a distributed denial of service attack."
"This is basically where somebody who wants to have a negative impact on a computer system or on a particular business or other organization decides to actually stop it from functioning properly,” Emm says.
The attack was astounding because that rate is three times the previous record set for an Internet attack in 2010 and six times the rate usually seen in attacks on major banks.
In the Netherlands, where the party alleged by Spamhaus to have launched the attack is based, the ripple effects were so strong that computer users found the speed of their Internet operations noticeably slower than usual.
In some other parts of Europe, users of popular services such as Netflix, the online movie retailer, reported slow-downs.
Experts worried that had the attacks escalated further, e-mail and banking services also could have also been affected. But by the end of March 27 the attack subsided.
To visualize what happened, one can think in terms of a classic movie-style showdown between cyber-duelists.
Aided By Criminal Gangs
On one side: the spam-fighting nonprofit organization Spamhaus, based in London and Geneva. Its mission: to help e-mail providers filter out the spam that regularly clogs ordinary users’ mailboxes.
And on the other: the spam-hosting company called Cyberbunker, whose Dutch headquarters is located in a five-story former NATO bunker. It advertises its readiness to host any website “except child porn and anything related to terrorism,” restrictions that leave plenty of room for hosting spam of all kinds.
Emm says spammers appear to have targeted Spamhaus because its blacklisting of sites like Cyberbunker directly harms their business profits. He says their goal was to overwhelm Spamhaus with data that it would have to shut down.
Spamhaus says it survived the onslaught thanks to “an immense job” by its engineers. It has also alleged that Cyberbunker was aided by “criminal gangs” from Eastern and Europe in launching the attack. Cyberbunker has yet to reply to the charges.
This week’s attack has already gone down in history as the “biggest ever.” But few computer experts expect it to hold the title for long.
Sam Smith, an expert on Internet privacy at London-based Privacy International, says cyber attacks are inevitably getting bigger as the Internet itself grows larger.
“This is possibly the biggest reported attack in history, as far as we know. However, technology is moving on and the Internet is constantly getting bigger. So, the scale is constantly going up,” Smith says.
One reason attacks grow larger is that those who want to organize attacks have ever more resources for doing so.
Common attack strategies involve manipulating data address codes to redirect Internet traffic to a target or, equally nefariously, infecting ordinary people's computers so they forward spam to desired targets. In either case, the more Internet users there are, the larger is the data torrent that can be created.
As Emm explains, the motives for such attacks vary.
“In this case, we have what seems to have been a revenge attack, but they can also be used for other purposes such as extortion. We have seen that in the past, too, where somebody wants to get money from an organization," Emm says.
"So, what they do is set up their distributed denial of service attack, they flick the switch and start flooding it with traffic, then they turn off the attack and they contact the organization and they say ‘if you don't want that to continue, pay us some money.’”
Could a war on the Internet ever grow so big that it would bring the whole virtual world to a standstill?
Experts say that, for now, it is hard to imagine something on that scale. But as this week’s experience shows, the fallout from even a local war on the Internet can be felt. The fallout from anything larger could be dramatic.