Mega DDoS attacks on the rise -- Kaspersky
- 28 March, 2013 13:39
The security vendor was responding to the huge DDoS attack that occurred on Wednesday, described as the biggest cyber attack in history. The attack affected millions of rank and Internet users, slowing hundreds of processes down.
According to reports, the DDoS attack occurred when Spamhaus, an organisation that blacklists spammers, blacklisted Dutch company Cyberbunker, an open hosting service that allows anyone to set up a website on its servers.
The attack exploited the architecture of the Internet to heard huge amounts of traffic to the Spamhaus website. The attack then went global, affecting the wider Internet.
"Based on the reported scale of the attack, which was evaluated at 300 Gigabits per second, we can confirm that this is one of the largest DDoS operations to date," said Kaspersky Lab's Global Research and Analysis team in a statement.
"The data flow generated by such an attack may affect intermediate network nodes when it passes them, thus impeding operations of normal web services that have no relation to Spamhaus or Cyberbunker. Therefore, such DDoS attack may affect regular users as well, with network slowdown or total unavailability of certain web resources being typical symptoms. There may be further disruptions on a larger scale as the attack escalates."
According to reports, Spamhaus called on Cloudflare to counter the attack after it found its defences were being overwhelmed. Cloudflare's counters worked, so the hackers began attacking sites affiliated with Spamhaus, as well as sites used by Cloudflare. Before long, the attack had begun to affect service across the Internet.
While the worst of this latest high-level DDoS attack may now be over, Kaspersky said that the world could expect to see more of the same. Cyber criminals can now attack much more frequently and on a much wider scale, the statement said.
"In general, attacks of this type are growing in terms of quantity as well as scale. Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks."
Kaspersky said that there are two major motives behind launching such high-level attacks. Firstly, the statement said, cyber criminals conduct DDoS attacks to disrupt organisations in order to extort money from them. Secondly, hackers use DDoS attacks as a weapon to disrupt organisations out of ideological or political interests.
Going by the reports of yesterday's Internet-wide attack, it would appear that the attackers were making a political point, rather than attempting to extort money.
At the time of writing, the Cyberbunker website was inaccessible.