Attacks Used the Internet Against Itself to Clog Traffic

Via: NY Times

By JOHN MARKOFF and NICOLE PERLROTH
Published: March 27, 2013

An escalating cyberattack involving an antispam group and a shadowy group of attackers has now affected millions of people across the Internet, raising the question: How can such attacks be stopped?

The short answer is: Not easily. The digital “fire hose” being wielded by the attackers to jam traffic on the Internet in recent weeks was made possible by both the best and worst aspects of the sprawling global computer network. The Internet is, by default, an open, loosely regulated platform for communication, but many of the servers that make its communication possible have been configured in such a way that they can be easily fooled.

The latest attacks, which appeared to have subsided by Wednesday, have demonstrated just how big a problem that can be.

On Tuesday, security engineers said that an anonymous group unhappy with Spamhaus, a volunteer organization that distributes a blacklist of spammers to e-mail providers, had retaliated with a cyberattack of vast proportions.

In what is called a distributed denial of service, or DDoS, attack, the assailants harnessed a powerful botnet — a network of thousands of infected computers being controlled remotely — to send attack traffic first to Spamhaus’s Web site and later to the Internet servers used by CloudFlare, a Silicon Valley company that Spamhaus hired to deflect its onslaught.

This kind of attack works because the botnet exploits Internet routing software and fools Internet servers into responding to requests for information sent simultaneously by a large group of computers. The Internet servers that answer the requests are tricked into sending blocks of data to the victims, in this case Spamhaus and CloudFlare.

The attack was amplified because each of the servers in this case was asked to send a relatively large block of information. The data stream grew from 10 billion bits per second last week to as much as 300 billion bits per second this week, the largest such attack ever reported, causing what CloudFlare estimated to be hundreds of millions of people to experience delays and error messages across the Web.

Read more: here

Advertisements

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s