Monday, April 1, 2013

Bazooka Spam DDoS - Most Powerful Cyber Attack on the Internet

Unlike traditional botnets that could generate limited traffic, Bazooka Spam runs on open resolvers on big servers.

Spamhaus Project, a non-profit anti-spam organization, was recently hit by a DDoS (Distributed Denial of Service) attack that is considered to be the largest attack so far on the internet.

Spamhaus is based in Geneva, Switzerland and London, UK. It patrols the internet for spammers and filters unwanted email messages. It is composed of 38 investigators and forensics specialists located in 10 countries.

Spamhaus teams and staff are volunteers; funding for operations comes from sponsors and donations. Aside from filtering spam data and publishing real-time blacklists, it publishes the Register Of Known Spam Operations (ROKSO), the database of 100 known professional spam senders and spam gangs worldwide.

ROKSO is used by Internet Service Providers to avoid signing up known spammers who would abuse their networks, and to help prosecute professional spammers.

Bazooka Spam DDoS - Most Powerful Cyber Attack on the Internet?

Attack on Spamhaus reached a peak of 120 Gbps of traffic on the network.


The attack is certainly the biggest ever directed at Spamhaus, and it knocked their site offline. Times calls it the biggest DDoS attack ever on the internet. The Spamhaus team contacted Cloudflare, which helped mitigate the attack and keep the site online.

The attack is like a bazooka (open resolvers run on big servers with fat pipes) and has shown the damage such resolvers can cause. It was large: "a factor of 10 larger than the similar attacks in the recent past".

The attack was a Layer 3 attack, a type that is difficult to stop with any on-premise solution. Put simply: if you have a router with a 10 Gbps port and someone sends you 11 Gbps of traffic, it doesn't matter what intelligent software you have to stop the attack, because your network link is completely saturated.

After Spamhaus signed up on Cloudflare (March 18, 2013), the first attack was 10 Gbps generated from open DNS recursors, followed by waves of attacks peaking at 90 Gbps on March 21. The attackers were quiet for a day and then resumed, peaking at 120 Gbps of traffic on the network on March 22.

Cloudflare uses Anycast technology to mitigate the attack. It spreads the load of a distributed attack across all their data centers.

The questions are: are we ready for the next attack, and how can attacks like these be prevented?

Sources:
CloudFlare Blog
Spamhaus DDoS Attack

