A “bazooka” cyberattack described as the most powerful ever seen has slowed traffic on the Internet, security experts said on Wednesday, raising fresh concerns over online security.
The attacks targeted Spamhaus, a Geneva-based volunteer group that publishes spam blacklists used by networks to filter out unwanted e-mail, and led to cyberspace congestion that may have affected the Internet overall, according to Matthew Prince of the US security firm CloudFlare.
The attacks began last week, according to Spamhaus, after it placed on its blacklist the Dutch-based Web hosting site Cyberbunker, which claimed it was unfairly labeled as a haven for cybercrime and spam.
Photo: Reuters
The origin of the attacks has not yet been identified, but a BBC report said Spamhaus alleged that Cyberbunker, in cooperation with “criminal gangs” from Eastern Europe and Russia, was behind the attack.
The New York Times quoted Sven Olaf Kamphuis, who claimed to be a spokesman for the attackers, as saying that Cyberbunker was retaliating against Spamhaus for “abusing their influence.”
However, Kamphuis told the Russian news site RT that Cyberbunker was just one of several Web firms involved, protesting what he called Spamhaus’ bullying tactics.
“Spamhaus have pissed off a whole lot of people over the past few years by blackmailing ISPs [Internet service providers] and carriers into disconnecting clients without court orders or legal process whatsoever,” he said.
“At this moment, we are not even conducting any attacks... it’s now other people attacking them,” he said.
CloudFlare, which was called for assistance by Spamhaus, said the attackers changed tactics after the first layer of protection was implemented last week.
“Rather than attacking our customers directly, they started going after the network providers CloudFlare uses for bandwidth,” Prince said.
“Once the attackers realized they couldn’t knock CloudFlare itself offline ... they went after our direct peers,” he said.
Prince said the so-called distributed denial of service attack (DDoS), which essentially bombards sites with traffic in an effort to disrupt, was “one of the largest ever reported.”
Over the last few days, he added: “We’ve seen congestion across several major Tier 1 [networks], primarily in Europe, where most of the attacks were concentrated, that would have affected hundreds of millions of people even as they surfed sites unrelated to Spamhaus or CloudFlare.”
“If the Internet felt a bit more sluggish for you over the last few days in Europe, this may be part of the reason why,” Prince said in a blog post called “The DDoS That Almost Broke the Internet.”
Prince said these attacks used tactics different than the “botnets” — these came from so-called “open resolvers” that “are typically running on big servers with fat pipes.”
“They are like bazookas and the events of the last week have shown the damage they can cause,” he said. “What’s troubling is that, compared with what is possible, this attack may prove to be relatively modest.”
A spokesman for the network security firm Akamai said that based on the published data, “the attack was likely the largest publicly acknowledged attack on record.”
“The cyberattack is certainly very large,” added Johannes Ullrich of the US-based SANS Technology Institute, saying it was “a factor of 10 larger than similar attacks in the recent past.”
“But so far, I can’t verify that this affects Internet performance overall,” he said.
Spamhaus, which also has offices in London, essentially patrols the Internet to root out spammers and provides updated lists of likely perpetrators to network operators around the world.
CloudFlare estimates that Spamhaus “is directly or indirectly responsible for filtering as much as 80 percent of daily spam messages.”
The attacks began after Spamhaus blacklisted Cyberbunker, a Web hosting firm that “offers anonymous hosting of anything except child porn and anything related to terrorism.”
Cyberbunker denounced the move on its blog.
“According to Spamhaus, CyberBunker is designated as a ‘rogue’ host and has long been a haven for cybercrime and spam,” the Cyberbunker statement said.
“Of course, Spamhaus has not been able to prove any of these allegations.”
Prince said of the latest incident: “While we don’t know who was behind this attack, Spamhaus has made plenty of enemies over the years.
“We’re proud of how our network held up under such a massive attack and are working with our peers and partners to ensure that the Internet overall can stand up to the threats it faces,” Prince said.
Experts said the attacks flooded Spamhaus servers with 300 billion bits (35 gigabytes) per second of data. Prior DDoS attacks have been measured at 50 gigabytes per second.
Because of the way Internet traffic flows, these DDoS attacks created congestion and ripple effects around the Web.
Young Chinese, many who fear age discrimination in their workplace after turning 35, are increasingly starting “one-person companies” that have artificial intelligence (AI) do most of the work. Smaller start-ups are already in vogue in Silicon Valley and elsewhere, with rapidly advancing AI tools seen as a welcome teammate even as they threaten layoffs at existing firms. More young people in China are subscribing to the model, as cities pledge millions of dollars in funding and rent subsidies for such ventures, in alignment with Beijing’s political goal of “technological self-reliance.” “The one-person company is a product of the AI era,” said Karen Dai
South Korea’s air force yesterday apologized for a 2021 midair collision involving two fighter jets, a day after auditors said the pilots were taking selfies and filming during the flight and held them responsible for the accident. “We sincerely apologize to the public for the concern caused by the accident that occurred in 2021,” an air force spokesman told a news conference, adding that one of the pilots involved had been suspended from flying duties, received severe disciplinary action and has since left the military. The apology followed a report released on Wednesday by the South Korean Board of Audit and Inspection,
About 240 Indians claiming descent from a Biblical tribe landed at Tel Aviv airport on Thursday as part of a government operation to relocate them to Israel. The newcomers passed under a balloon arch in blue and white, the colors of the Israeli flag, as dozens of well-wishers welcomed them with a traditional Jewish song. They were the first “bnei Menashe” (“sons of Manasseh”) to arrive in Israel since the government in November last year announced funding for the immigration of about 6,000 members of the community from the states of Manipur and Mizoram in northeast India. The community claims to descend from
‘TROUBLING’: The firing of Phelan, who was an adviser to a nonprofit that supported the defense of Taiwan, was another example of ‘dysfunction’ under Trump, a US senator said US Secretary of the Navy John Phelan has been fired, a US official and a person familiar with the matter said on Wednesday, in another wartime shakeup at the Pentagon coming just weeks after US Secretary of Defense Pete Hegseth ousted the Army’s top general. The Pentagon announced his departure in a brief statement, saying he was leaving the administration “effective immediately,” but it did not provide a reason or say whether it was his decision to go. The sources, who spoke on condition of anonymity, said Phelan was dismissed in part because he was moving too slowly to implement reforms to
RSS