Global internet services have been slowed down after one of the largest cyber attacks in history with the targeting of a spam blocking organisation, Spamhaus, and experts warn things could get worse.
According to Kaspersky Lab the attack on Spamhaus was so significant that it resulted in the slowdown of global internet services and other kinds of disruptions.
Spamhaus, a London and Geneva based non-profit group that stops spam messages for email providers, was for more than a week subjected to distributed denial of service (DDoS).
Kaspersky said the attack is the biggest DDoS to date with the possibility of further disruptions as the attack continues.
“Based on the reported scale of the attack, which was evaluated at 300 Gigabits per second, we can confirm that this is one of the largest DDoS operations to date. There may be further disruptions on a larger scale as the attack escalates,” online security firm Kaspersky Lab said in a statement.
Spamhaus basically filters as much as 80 per cent of spam and publishes blacklists used by internet service providers (ISPs) to keep spam out of email traffic.
As to how the attack was carried out the perpetrators flooded servers with messages from multiple systems making it hard for the spam filter servers to respond to legitimate traffic.
National Computing Centre’s group technical director Paul Vlissidis said the attacks involve computers generating too much traffic which has a knock-on effect on the rest of the internet.
“If you have a few computers sending large amounts of traffic you can filter them out easily. When literally thousands and thousands are involved it makes it much, much harder,” Vlissidis told Reuters.
British Think Broadband, that tests the speed of broadband speeds, has however said the internet speeds remained normal saying the attack might have disrupted specific sites and services.
For now Spamhaus chief executive Steve Linford has said the attacks are targeting the organisation’s internet infrastructure that seems vulnerable although Cloudfare, which provides protection and acceleration of any website, has helped in mitigation.
“We’ve been under this cyber-attack for well over a week. They are targeting every part of the internet infrastructure that they feel can be brought down,” said Linford.
Initial investigations point at Dutch hosting company CyberBunker that hosts servers in a former nuclear bunker and specializes in anything that is not child porn or terrorism.
Just earlier this month Spamhaus blacklisted CyberBunker with a spokesman for CyberBunker Olaf Kamphuis saying the spam blocker was abusing its influence.
The attack has increased from 10Gb/S, when it was was first reported on March 18 to around 300Gb/s with experts now warning the scale threatens core routers that join the internet’s disparate networks.