Things on the web feel a little sluggish today? You aren't imagining things. Security experts claim that the largest cyberattack in Internet history is happening right now, slowing services like Netflix to a crawl and making other global websites completely unreachable. The traffic jam is all due to a very public spat between a Dutch webhosting company and a quiet spam-fighting organization. Here's what you need to know:
What's going on?
Spamhaus is a nonprofit that — you guessed it — helps organizations fight spam and other unwanted stuff by providing them with content filters. The company keeps tabs of malicious servers on exhaustive blacklists. The trouble began when Spamhaus blacklisted a Dutch company called CyberBunker, a service that offers hosting to any kind of website "except child porn and anything related to terrorism." A CyberBunker spokesman said that Spamhaus was abusing its power, and should not be allowed to decide "what goes and does not go on the Internet."
So who's attacking whom?
Spamhaus says CyberBunker has been retaliating with powerful distributed denial of service, or DDoS, attacks. The attacks, which Spamhaus claims started on March 19, are reaching "previously unknown magnitudes, growing to a data stream of 300 billion bits per second," says the New York Times. (For comparison, similar DDoS attacks that crippled major banks peaked at 50 billion bits.) "It's a real number," says Patrick Gilmore, chief architect of Akamai Technologies, a digital content provider. "It is the largest publicly announced DDoS attack in the history of the Internet."
So CyberBunker is attacking Spamhaus directly?
Not exactly. CyberBunker doesn't appear to be responding to anyone's request for comment. Spamhaus, on the other hand, asserts that CyberBunker is cooperating with "criminal gangs" from Eastern Europe and Russia to coordinate the DDoS attacks. These attacks are said to be organized by "swarms of computers called botnets," says the Times. The technique "uses a long-known flaw in the Internet's basic plumbing," akin to "using a machine gun to spray an entire crowd when the intent is to kill one person." In other words, it's causing a major data pileup.
Who are these attacks affecting?
Not to get too technical, but the reason these attacks are so crippling is because they are flooding Spamhaus' Domain Name System, or DNS, with massive amounts of its own data. Spamhaus hosts 80 servers around the world, and hackers are "targeting every part of the Internet infrastructure that they feel can be brought down," says Steve Linford, chief executive of Spamhaus. As such, millions of Internet users trying to access the web may be experiencing delays. Security experts are concerned that as the attacks get more powerful, basic Internet services like email and banking may be jeopardized.
Who first discovered the attacks?
The attacks were first mentioned publicly by a Silicon Valley firm called CloudFlare, which was hired by Spamhaus for security. However, in trying to defend against the DDoS attacks, it, too, ended up being attacked. "These things are essentially like nuclear bombs," said CloudFlare chief executive Matthew Prince. "It's so easy to cause so much damage." Now, other companies like Google are doing their part to make sure the Internet holds together, and are lending Spamhaus resources to "absorb all this traffic."