Internet Spam Fighter Weathers Massive Attack

Cybercrooks hit Spamhaus with largest DDoS attack ever recorded

2 min read
Internet Spam Fighter Weathers Massive Attack

Imagine this: a band of criminals imperils a city by putting its police precincts under siege to the point that the police are so busy protecting themselves that they are incapable of doing anything else. Something analogous was just narrowly avoided on the Internet, when anti-spam watchdog Spamhaus came under the largest denial-of-service attack ever recorded. Spamhaus, which helps keep e-mail inboxes free from come-ons hawking male enhancement pills, low-interest loans, and foreclosed properties, was reportedly in the crosshairs of spammers angry about being added to Spamhaus’ blacklists, which make it more challenging to ply their illicit trade.

The attacks, which threatened to knock the not-for-profit Web guardian’s site offline, were a bit of evil genius, using a quirk in the way the Internet works to water Spamhaus’ plants with a fire hose. On 18 March, the attackers began employing a distributed denial of service (DDoS) technique known as DNS reflection. It’s designed to overwhelm a site after the attacker sends simultaneous information requests to thousands of servers with source addresses spoofed so that responses to the DNS queries are all routed to the victim’s servers. In this case, Spamhaus’ servers were being force fed more than 300 gigabits per second, says San Francisco-based CloudFlare.

Spamhaus retained the services of CloudFlare, which specializes in deflecting unwanted Internet traffic away from companies’ servers, to keep its sites from being crushed under the weight of the incoming data deluge. For the sake of comparison, Dan Holden, director of security research at Arbor Networks, told the Wall Street Journal that, “Up until this, the largest attack we had seen was a 100-gigabit attack in 2010 [targeting a U.S. bank] and an 80-gigabit attack in 2012.”

“It is a small miracle that we're still online,” Spamhaus researcher Vincent Hanna told the Journal.

Holden also noted that the attack against Spamhaus caused collateral damage across the Web because some servers along the paths between Spamhaus and the servers that were queried to set off the data tsunami were overwhelmed by the volume of data they had to handle.

But as of this morning, reports are coming in that the attackers—probably frustrated that their best shots failed to put Spamhaus down for the count—have retreated to their corner, probably to plot some more. According to a BBC report, Spamhaus accused Cyberbunker, a Dutch Web-hosting company, of being the brains of the operation. Meanwhile, the BBC reports on the unverified claims of a man who said to be in contact with the attackers. Acting as their mouthpiece, he explained their rationale: "[Spamhaus abuses its] position not to stop spam but to exercise censorship without a court order."

Spamhaus’ Hanna disputed that claim, telling the Journal that, "We have 1.7 billion people who watch over our shoulder. If we start blocking emails that they want, they will obviously stop using us."

The Conversation (0)

How the FCC Settles Radio-Spectrum Turf Wars

Remember the 5G-airport controversy? Here’s how such disputes play out

11 min read
This photo shows a man in the basket of a cherry picker working on an antenna as an airliner passes overhead.

The airline and cellular-phone industries have been at loggerheads over the possibility that 5G transmissions from antennas such as this one, located at Los Angeles International Airport, could interfere with the radar altimeters used in aircraft.

Patrick T. Fallon/AFP/Getty Images

You’ve no doubt seen the scary headlines: Will 5G Cause Planes to Crash? They appeared late last year, after the U.S. Federal Aviation Administration warned that new 5G services from AT&T and Verizon might interfere with the radar altimeters that airplane pilots rely on to land safely. Not true, said AT&T and Verizon, with the backing of the U.S. Federal Communications Commission, which had authorized 5G. The altimeters are safe, they maintained. Air travelers didn’t know what to believe.

Another recent FCC decision had also created a controversy about public safety: okaying Wi-Fi devices in a 6-gigahertz frequency band long used by point-to-point microwave systems to carry safety-critical data. The microwave operators predicted that the Wi-Fi devices would disrupt their systems; the Wi-Fi interests insisted they would not. (As an attorney, I represented a microwave-industry group in the ensuing legal dispute.)

Keep Reading ↓Show less