Skip to main content

BIGGEST EVER' CYBER ATTACK Slows Down Internet

Are you Suffering from slow internet speed, today. Believe it The Internet is under Massive attack . 
The internet around the world has been slowed down in what security experts are describing as the biggest cyber-attack of its kind in history.
 A row between a spam-fighting group and hosting firm has sparked retaliation attacks affecting the wider internet.
David Emm from Kaspersky Lab and the BBC's Rory Cellan-Jones examine what the implications are for web users.
 
Hundreds of thousands of Britons are unsuspecting participants in one of the internet's biggest cyber-attacks ever – because their broadband router has been subverted.

Spamhaus, which operates a filtering service used to weed out spam emails, has been under attack since 18 March after adding a Dutch hosting organisation called Cyberbunker to its list of unwelcome internet sites. The service has "made plenty of enemies", said one expert, and the cyber-attack appeared to be retaliation.
A collateral effect of the attack is that internet users accustomed to high-speed connections may have seen those slow down, said James Blessing, a member of the UK Internet Service Providers' Association (ISPA) council.
"It varies depending on where you are and what site you're trying to get to," he said. "Those who are used to it being really quick will notice." Some people accessing the online streaming site Netflix reported a slowdown.
Spamhaus offers a checking service for companies and organisations, listing internet addresses it thinks generate spam, or which host content linked to spam, such as sites selling pills touted in junk email. Use of the service is optional, but thousands of organisations use it millions of times a day in deciding whether to accept incoming email from the internet.
Cyberbunker offers hosting for any sort of content as long, it says, as it is not child pornography or linked to terrorism. But in mid-March Spamhaus added its internet addresses to its blacklist.
In retaliation, the hosting company and a number of eastern European gangs apparently enlisted hackers who have in turn put together huge "botnets" of computers, and also exploited home and business broadband routers, to try to knock out the Spamhaus system.
"Spamhaus has made plenty of enemies over the years. Spammers aren't always the most lovable of individuals, and Spamhaus has been threatened, sued and [attacked] regularly," noted Matthew Prince of Cloudflare, a hosting company that helped the London business survive the attack by diverting the traffic.
Rather than aiming floods of traffic directly at Spamhaus's servers – a familiar tactic that is easily averted – the hackers exploited the internet's domain name system (DNS) servers, which accept a human-readable address for a website (such as guardian.co.uk) and spit back a machine-readable one (77.91.248.30). The hackers "spoofed" requests for lookups to the DNS servers so they seemed to come from Spamhaus; the servers responded with huge floods of responses, all aimed back at Spamhaus.
Some of those requests will have been coming from UK users without their knowledge, said Blessing. "If somebody has a badly configured broadband modem or router, anybody in the outside world can use it to redirect traffic and attack the target – in this case, Spamhaus."
Many routers in the UK provided by ISPs have settings enabled which let them be controlled remotely for servicing. That, together with so-called "open DNS" systems online which are known to be insecure helped the hackers to create a flood of traffic.
"British modems are certainly being used for this," said Blessing, who said that the London Internet Exchange — which routes traffic in and out of the UK — had been helping to block nuisance traffic aimed at Spamhaus.
The use of the DNS attacks has experts worried. "The No 1 rule of the internet is that it has to work," Dan Kaminsky, a security researcher who pointed out the inherent vulnerabilities of the DNS years ago, told AP.
"You can't stop a DNS flood by shutting down those [DNS] servers because those machines have to be open and public by default. The only way to deal with this problem is to find the people doing it and arrest them."
 

Comments

Popular posts from this blog

LG’s first flexible OLED phone due before the year is out

LG plans to launch a flexible OLED smartphone before the end of the year, the company’s VP of mobile has confirmed, though it’s unclear to what extent the work-in-progress handset will actually flex. The OLED panel in question is the handiwork of LG Display according to VP of LG mobile Yoon Bu-hyun, the WSJ  reports, with the proposed device set to launch sometime in Q4. LG Display’s work on flexible OLEDs has been underway for some time, though the company’s efforts have perhaps been overshadowed somewhat by rival Samsung’s YOUM development. Last year, according to a Korea Times report, LG Display was preparing for

Syrian Electronic Army claims credit for CBS Twitter accounts hack

Yesterday, several of CBS ’s Twitter accounts were hacked, including its main account, and its accounts for 60 Minutes, 48 Hours, and CBS Denver. The hackers got into the account and tweeted a series of things relating to President Obama and the United States being in cahoots with Al-Qaeda . The tweets also had links that led users to malware-infested sites. While CBS was able to regain access to its accounts, it was unable to figure out who was behind the attacks, until now. The Syrian Electronic Army , the same group that hacked 3 of the BBC’s Twitter accounts, claimed

Can Technology Do a Better Job of Finding Bombs?

 With the horrifying images of the Boston Marathon bombing still much too fresh in our minds, and with citywide marathons coming up this weekend in London, Hamburg, and Salt Lake City , law enforcement officers and citizens everywhere are asking how to prevent the tragedy from being repeated. As Columbia University School of International and Public Affairs adjunct professor Abraham Wagner observed last year, on the 11th anniversary of 9/11, there’s “no magic bullet o