Loading ...
Sorry, an error occurred while loading the content.

Firm accused of sending spam and fight jams Internet in largest attack ever

Expand Messages
  • Thad Floryan
    Firm Is Accused of Sending Spam, and Fight Jams
    Message 1 of 3 , Mar 27, 2013
    • 0 Attachment
      <http://www.nytimes.com/2013/03/27/technology/internet/online-dispute-becomes-internet-snarling-attack.html>

      Firm Is Accused of Sending Spam, and Fight Jams Internet
      By JOHN MARKOFF and NICOLE PERLROTH March 26, 2013

      A squabble between a group fighting spam and a Dutch company that
      hosts Web sites said to be sending spam has escalated into one of the
      largest computer attacks on the Internet, causing widespread
      congestion and jamming crucial infrastructure around the world.

      Millions of ordinary Internet users have experienced delays in
      services like Netflix or could not reach a particular Web site for a
      short time.

      However, for the Internet engineers who run the global network the
      problem is more worrisome. The attacks are becoming increasingly
      powerful, and computer security experts worry that if they continue to
      escalate people may not be able to reach basic Internet services, like
      e-mail and online banking.

      The dispute started when the spam-fighting group, called Spamhaus,
      added the Dutch company Cyberbunker to its blacklist, which is used by
      e-mail providers to weed out spam. Cyberbunker, named for its
      headquarters, a five-story former NATO bunker, offers hosting services
      to any Web site "except child porn and anything related to terrorism,"
      according to its Web site.

      A spokesman for Spamhaus, which is based in Europe, said the attacks
      began on March 19, but had not stopped the group from distributing its
      blacklist.

      Patrick Gilmore, chief architect at Akamai Networks, a digital content
      provider, said Spamhaus's role was to generate a list of Internet
      spammers.

      Of Cyberbunker, he added: "These guys are just mad. To be frank, they
      got caught. They think they should be allowed to spam."

      Mr. Gilmore said that the attacks, which are generated by swarms of
      computers called botnets, concentrate data streams that are larger
      than the Internet connections of entire countries. He likened the
      technique, which uses a long-known flaw in the Internet's basic
      plumbing, to using a machine gun to spray an entire crowd when the
      intent is to kill one person.

      The attacks were first mentioned publicly last week by CloudFlare, an
      Internet security firm in Silicon Valley that was trying to defend
      against the attacks and as a result became a target.

      "These things are essentially like nuclear bombs," said Matthew
      Prince, chief executive of CloudFlare. "It's so easy to cause so much
      damage."

      The so-called distributed denial of service, or DDoS, attacks have
      reached previously unknown magnitudes, growing to a data stream of 300
      billion bits per second.

      "It is a real number," Mr. Gilmore said. "It is the largest publicly
      announced DDoS attack in the history of the Internet."

      Spamhaus, one of the most prominent groups tracking spammers on the
      Internet, uses volunteers to identify spammers and has been described
      as an online vigilante group.

      In the past, blacklisted sites have retaliated against Spamhaus with
      denial-of-service attacks, in which they flood Spamhaus with traffic
      requests from personal computers until its servers become unreachable.
      But in recent weeks, the attackers hit back with a far more powerful
      strike that exploited the Internet's core infrastructure, called the
      Domain Name System, or DNS.

      That system functions like a telephone switchboard for the Internet.
      It translates the names of Web sites like Facebook.com or Google.com
      into a string of numbers that the Internet's underlying technology can
      understand. Millions of computer servers around the world perform the
      actual translation.

      In the latest incident, attackers sent messages, masquerading as ones
      coming from Spamhaus, to those machines, which were then amplified
      drastically by the servers, causing torrents of data to be aimed back
      at the Spamhaus computers.

      When Spamhaus requested aid from CloudFlare, the attackers began to
      focus their digital ire on the companies that provide data connections
      for both Spamhaus and CloudFlare.

      Questioned about the attacks, Sven Olaf Kamphuis, an Internet activist
      who said he was a spokesman for the attackers, said in an online
      message that, "We are aware that this is one of the largest DDoS
      attacks the world had publicly seen." Mr. Kamphuis said Cyberbunker
      was retaliating against Spamhaus for "abusing their influence."

      "Nobody ever deputized Spamhaus to determine what goes and does not go
      on the Internet," Mr. Kamphuis said. "They worked themselves into
      that position by pretending to fight spam."

      A typical denial-of-service attack tends to affect only a small number
      of networks. But in the case of a Domain Name System flood attack,
      data packets are aimed at the victim from servers all over the world.
      Such attacks cannot easily be stopped, experts say, because those
      servers cannot be shut off without halting the Internet.

      "The No. 1 rule of the Internet is that it has to work," said Dan
      Kaminsky, a security researcher who years ago pointed out the inherent
      vulnerabilities of the Domain Name System. "You can’t stop a DNS
      flood by shutting down those servers because those machines have to be
      open and public by default. The only way to deal with this problem is
      to find the people doing it and arrest them."

      The heart of the problem, according to several Internet engineers, is
      that many large Internet service providers have not set up their
      networks to make sure that traffic leaving their networks is actually
      coming from their own users. The potential security flaw has long
      been known by Internet security specialists, but it has only recently
      been exploited in a way that threatens the Internet infrastructure.

      An engineer at one of the largest Internet communications firms said
      the attacks in recent days have been as many as five times larger than
      what was seen recently in attacks against major American banks. He
      said the attacks were not large enough to saturate the company's
      largest routers, but they had overwhelmed important equipment.

      Cyberbunker brags on its Web site that it has been a frequent target
      of law enforcement because of its "many controversial customers." The
      company claims that at one point it fended off a Dutch SWAT team.

      "Dutch authorities and the police have made several attempts to enter
      the bunker by force," the site said. "None of these attempts were
      successful."
    • thad_floryan
      ... Are the Dutch police and SWAT teams all brain dead? If it was my call, I d dynamite the power tower feeding Cyberbunker and cut the fiber with a backhoe
      Message 2 of 3 , Mar 27, 2013
      • 0 Attachment
        --- In linux@yahoogroups.com, Thad Floryan <thad@...> wrote:
        >
        > <http://www.nytimes.com/2013/03/27/technology/internet/online-dispute-becomes-internet-snarling-attack.html>
        >
        > Firm Is Accused of Sending Spam, and Fight Jams Internet
        > By JOHN MARKOFF and NICOLE PERLROTH March 26, 2013
        > [...]
        > Cyberbunker brags on its Web site that it has been a frequent target
        > of law enforcement because of its "many controversial customers." The
        > company claims that at one point it fended off a Dutch SWAT team.
        >
        > "Dutch authorities and the police have made several attempts to enter
        > the bunker by force," the site said. "None of these attempts were
        > successful."


        Are the Dutch police and SWAT teams all brain dead?

        If it was my call, I'd dynamite the power tower feeding Cyberbunker
        and cut the fiber with a backhoe (or a pccket knife) depending how the
        fiber is run in/out of Cyberbunker.

        I'd shut down the sewers, too, which is the best course of action.

        Then wait and starve them out until they surrender or begin lobbing
        grenades and RPGs into Cyberbunker.

        Simple. Criminals should have NO rights whatsoever. Or is Holland
        as screwed up as Norway which is treating Anders Breivik as a hero
        and offering him luxurious accomodations free for the rest of his
        life after killing 77 people. The accomodations and services are so
        great that 99.99% of the people on Earth cannot even afford them:

        http://www.time.com/time/photogallery/0,29307,1989083,00.html

        Thad
      • thad_floryan
        ... Another article: http://www.bbc.co.uk/news/technology-21954636 Global internet slows after biggest attack in history By Dave Lee 27 March 2013 Last
        Message 3 of 3 , Mar 28, 2013
        • 0 Attachment
          --- In linux@yahoogroups.com, Thad Floryan <thad@...> wrote:
          > [...]
          > <http://www.nytimes.com/2013/03/27/technology/internet/online-dispute-becomes-internet-snarling-attack.html>
          >
          > Firm Is Accused of Sending Spam, and Fight Jams Internet
          > By JOHN MARKOFF and NICOLE PERLROTH March 26, 2013
          > [...]

          Another article:

          http://www.bbc.co.uk/news/technology-21954636

          Global internet slows after 'biggest attack in history'
          By Dave Lee 27 March 2013 Last updated at 09:03 ET

          and accompanying that, this article from a year ago by Prof Alan
          Woodward predicting the inherent weaknesses in the web's domain name
          system:

          http://www.bbc.co.uk/news/technology-17472447

          Thad
        Your message has been successfully submitted and would be delivered to recipients shortly.