biggest_ddos_attack_in_history_slows_internet_breaks_record_at_300_gbps

The last couple of days my browser took FOREVER to load and I kept thinking I am getting so impatient.  Reading the NYT Technology section this morning I was “relieved” to hear that it wasn’t my imagination.  The Web just went through its biggest attack…ever!

An escalating cyberattack involving an antispam group (Spamhaus) and a shadowy group of attackers has now affected millions of people across the Internet.  You too?

On March 26,  security engineers said that an anonymous group unhappy with Spamhaus, which is a volunteer organization that distributes a blacklist of spammers to e-mail providers, had retaliated with a cyberattack of vast proportions. In what is called a distributed denial of service, or DDoS, attack, the assailants harnessed a powerful botnet — a network of thousands of infected computers being controlled remotely — to send attack traffic first to Spamhaus’s Web site and later to the Internet servers used by CloudFlare, a Silicon Valley company that Spamhaus hired to deflect its onslaught.

On March 27, CloudFlare described the highly technical game of cat-and-mouse between itself and Spamhaus’s opponents that has played out over the course of the last nine days. After the attackers discovered that they could not disable CloudFlare, which had been hired by Spamhaus to absorb its attack traffic, they changed their strategy.

DDOS Attack
DDOS Attack

They took aim at the networks that CloudFlare connected to and began to attack the computer servers that serve as the network’s foundation. These are specialized “peering” points at which Internet networks exchange traffic. The attackers took aim at organizations like the London, Amsterdam, Frankfurt and Hong Kong Internet exchanges, which route regional Internet traffic and are also used by sites like Google, Facebook and Yahoo to pass traffic efficiently among one another.

Veteran Internet engineers said the attack was made possible by a combination of defects, loopholes and sloppy configuration of Internet routing equipment. Indeed, a number of computer security specialists pointed out that the attacks would have been impossible if the world’s major Internet firms simply checked that outgoing data packets truly were being sent by their customers, rather than botnets. Unfortunately, a relatively small number of Internet companies actually perform this kind of check.

I wonder what tomorrow will bring?!?!?!?!

http://www.nytimes.com/2013/03/28/technology/attacks-on-spamhaus-used-internet-against-itself.html?pagewanted=all

http://www.spamhaus.org/news/article/694/ddos-update-march-2013