Dutch DDoS one of the biggest, but did it rock the Internet?
This week has seen possibly one of the biggest distributed denial of service (DDoS) attacks ever, but did it really rock the very core of the Internet?
Run for your lives! The Internet is in flames! Except, as will be obvious if you're reading this, it's not. Still, this week has seen possibly one of the biggest distributed denial of service (DDoS) attacks ever.
A spat between two Dutch online institutions has highlighted vulnerabilities within the Internet, but reports differ in terms of the effects of the wider Web. The New York Times says the attack was responsible for "causing widespread congestion and jamming crucial infrastructure," but actual monitoring -- as outlined by Gizmodo -- suggests that's overstating things.
Online scrap
The online scrap involves Spamhaus, a not-for-profit organisation that lists sources of spam, and CyberBunker, an ask-no-questions hosting company that provides Internet services to anyone short of child porn-peddlers and terrorists. CyberBunker threw its toys out of the pram when blacklisted by Spamhaus and launched an armada of botnets in response.
The attack used botnets to send an initial reflection request to misconfigured DNS Servers to amplify the power of a smaller botnet, generating vast waves of traffic to overwhelm the target. The attack is reported to have peaked at about 300Gbps of DDoS.
Some reports suggest that services such as Netflix have been disrupted, but I've contacted Netflix and we've yet to have that confirmed.
'Alarming trend'
The online security industry has raced to tell us things are only going to get worse. AnchorFree, which makes security tool Hotspot Shield, says that even if it's not the biggest, the attack is "certainly up there" and part of "an alarming trend".
What can you do to avoid being caught up in the fallout of such Internet donnybrooks? Not much. The vulnerability highlighted by this attack involves misconfigured or insecure DNS servers, which allow a relatively small number of botnets to amplify their nefarious activity. Online security firm Sophos calls for DNS administrators configure recursive name servers to only reply to their own network, or apply filtering to public DNS for abusive queries.
Have you experienced any problems with your Internet this week? Tell me your thoughts in the comments or on our Facebook page.