Security experts warn of more mega-DDoS attacks
Brace for more mega-DDoS attacks, security experts warn
By Tom Paye, Computer News Middle East
Mar 31, 2013 11:50 AM
Distributed Denial of Service attacks like the one that resulted from an altercation between a Dutch company and Spamhaus last week are on the rise, according to a report by security firm Kaspersky Labs.
The security vendor was responding to the huge DDoS attack that occurred last week, described as the biggest cyber attack in history. The attack affected millions of rank and Internet users, slowing hundreds of processes down.
Spamhaus attacks tracked
According to reports, the DDoS attack occurred when Spamhaus, an organization that blacklists spammers, blacklisted Dutch company Cyberbunker, an open hosting service that allows anyone to set up a website on its servers.
The attack exploited the architecture of the Internet to heard huge amounts of traffic to the Spamhaus website. The attack then went global, affecting the wider Internet.
“Based on the reported scale of the attack, which was evaluated at 300 Gigabits per second, we can confirm that this is one of the largest DDoS operations to date,” said Kaspersky Lab’s Global Research and Analysis team in a statement.
“The data flow generated by such an attack may affect intermediate network nodes when it passes them, thus impeding operations of normal web services that have no relation to Spamhaus or Cyberbunker. Therefore, such DDoS attack may affect regular users as well, with network slowdown or total unavailability of certain web resources being typical symptoms. There may be further disruptions on a larger scale as the attack escalates.”
According to reports, Spamhaus called on Cloudflare to counter the attack after it found its defences were being overwhelmed. Cloudflare’s counters worked, so the hackers began attacking sites affiliated with Spamhaus, as well as sites used by Cloudflare. Before long, the attack had begun to affect service across the Internet.
Expect more attacks
While the worst of this latest high-level DDoS attack may now be over, Kaspersky said that the world could expect to see more of the same. Cyber criminals can now attack much more frequently and on a much wider scale, the statement said.
“In general, attacks of this type are growing in terms of quantity as well as scale. Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks.”
Kaspersky said that there are two major motives behind launching such high-level attacks. Firstly, the statement said, cyber criminals conduct DDoS attacks to disrupt organizations in order to extort money from them. Secondly, hackers use DDoS attacks as a weapon to disrupt organizations out of ideological or political interests.
Going by the reports of the recent Internet-wide attack, it would appear that the attackers were making a political point, rather than attempting to extort money.