News

Actions

UPDATE: The ‘Massive cyberattack’ that hit Internet users

Posted at 8:36 AM, Mar 28, 2013
and last updated 2013-03-28 08:36:09-04

Super-virus Flame raises the cyberwar stakesBy Doug Gross

(CNN) — Internet users around the globe are facing slowed-down service, thanks to what’s being called the biggest cyberattack in history.

The prolonged denial-of-service assault is targeting The Spamhaus Project, a European spam-fighting group that has gone after CyberBunker, a data-storage company that offers to host any content “except child porn and anything related to terrorism.”

The organization has been in a long-running feud with CyberBunker and claims spammers use it as a host from which to spray junk mail across the Web.

Internet security firm CloudFlare said Spamhaus contacted it last week, saying it had been hit with an attack big enough to knock its site offline.

Security experts say the attack uses more sophisticated techniques than most DDOS (distributed denial of service) attacks and targets the Web’s infrastructure, which has led to other sites performing slowly.

“It’s the biggest attack we’ve seen,” Matthew Prince, CloudFlare’s CEO, told CNN.

The Spamhaus Project is a nonprofit organization that patrols the Internet for spammers and publishes a list of Web servers those spammers use. According to Prince, the group may be responsible for up to 80% of all spam that gets blocked. This month, the group added CyberBunker to its blacklist.

“While we don’t know who was behind this attack, Spamhaus has made plenty of enemies over the years,” Prince wrote in a blog post. “Spammers aren’t always the most lovable of individuals and Spamhaus has been threatened, sued, and DDoSed regularly.”

In a DDoS attack, computers flood a website with requests, overwhelming its servers and causing it to crash or become inaccessible for many users.

One way to defend against those attacks, Prince said, is to deflect some of the traffic targeted at a single server onto a bunch of other servers at different locations. That’s what happened in this case, and why Web users experienced some slowdowns on other sites.

He told CNN the last big wave of the attack hit Tuesday morning, but that he doesn’t “live under the illusion” that there won’t be more.

For its part, CyberBunker isn’t taking credit for the attack. But the Dutch company, housed in a former NATO nuclear bunker, isn’t shying away, either.

“This here is the internet community puking out SpamHaus,” CyberBunker founder Sven Olaf Kamphuis told CNN. “We’ve had it with the guys … . What we see right here is the internet puking out a cancer.”

He said the owners of various websites got together on a Skype chat and hatched the plans for the attack. He says that StopHaus, a group organized to support CyberBunker in the dispute, ceased the attack after three days but that other hackers and activists kept it up after that.

Kamphuis and other critics say that Spamhaus oversteps its bounds and has essentially destroyed innocent websites in its spam-fighting efforts.

“Spamhaus itself is a more urgent danger” than spam, Kamphuis told CNN. “Pointing at websites and saying they want it shut down and then they get it shut down without any court order. That is a significantly larger threat to internet and freedom of speech and net neutrality than anything else.”

Vincent Hanna, a researcher with The Spamhaus Project, said the group’s record speaks for itself. He said the project has existed for over 12 years and its data is used to protect more than 1.7 billion e-mail accounts worldwide.

“We have 1.7 billion people looking over our shoulders to make sure we do our job right,” he said. “If we start blocking things they want, they won’t use our data any more.”

He emphasized that Spamhaus doesn’t have the power to block e-mail from anyone — it merely makes its data available for service providers and other Web companies to use.

Hanna said Spamhaus experienced its first denial-of-service attack in 2003.

“This has been the biggest for us,” he said, “but certainly not the first one.”

Cloudflare’s Prince said denying access to a website through cyberattacks is the truest assault on Web freedom.

“Our role is to allow the internet to achieve what it aspires to — that anyone, anywhere can publish any piece of information and make it accessible to anyone, anywhere else in the world,” he said. “It’s blatant censorship.

“Whether Spamhaus is a good organization or a bad organization is irrelevant to me. We protect American financial institutions, which some people think are evil, and we protect WikiLeaks, which some people think are evil.”

CNN’s Atika Shubert and Antonia Mortensen contributed to this report.

The-CNN-Wire/Atlanta/+1-404-827-WIRE(9473)
™ & © 2013 Cable News Network, Inc., a Time Warner Company. All rights reserved.