LONDON (AP) — A record-breaking cyberattack targeting an anti-spam watchdog group has sent ripples of disruption coursing across the Web, experts said Wednesday.
Spamhaus, a site responsible for keeping ads for counterfeit Viagra and bogus weight-loss pills out of the world's inboxes, said it had been buffeted by the monster denial-of-service attack since mid-March, apparently from groups angry at being blacklisted by the Swiss-British group.
"It is a small miracle that we're still online," Spamhaus researcher Vincent Hanna said.
Denial-of-service attacks overwhelm a server with traffic — like hundreds of letters being jammed through a mail slot at the same time. Security experts measure those attacks in bits of data per second. Recent cyberattacks — like the ones that caused persistent outages at U.S. banking sites late last year — have tended to peak at 100 billion bits per second.
But the furious assault on Spamhaus has shattered the charts, clocking in at 300 billion bits per second, according to San Francisco-based CloudFlare Inc., which Spamhaus has enlisted to help it weather the attack.
"It was likely quite a bit more, but at some point measurement systems can't keep up," CloudFlare chief executive Matthew Prince wrote in an email.
Patrick Gilmore of Akamai Technologies said that was no understatement.
"This attack is the largest that has been publicly disclosed — ever — in the history of the Internet," he said.
It's unclear who exactly was behind the attack, although a man who identified himself as Sven Olaf Kamphuis said he was in touch with the attackers and described them as mainly consisting of disgruntled Russian Internet service providers who had found themselves on Spamhaus' blacklists. There was no immediate way to verify his claim.
He accused the watchdog of arbitrarily blocking content that it did not like. Spamhaus has widely used and constantly updated blacklists of sites that send spam.
"They abuse their position not to stop spam but to exercise censorship without a court order," Kamphuis said.
Gilmore and Prince said the attack's perpetrators had taken advantage of weaknesses in the Internet's infrastructure to trick thousands of servers into routing a torrent of junk traffic to Spamhaus every second.
The trick, called "DNS reflection," works a little bit like mailing requests for information to thousands of different organizations with a target's return address written across the back of the envelopes. When all the organizations reply at once, they send a landslide of useless data to the unwitting addressee.
Both experts said the attack's sheer size has sent ripples of disruptions across the Internet as servers moved mountains of junk traffic back and forth across the Web.
"At a minimum there would have been slowness," Prince said, adding in a blog post that "if the Internet felt a bit more sluggish for you over the last few days in Europe, this may be part of the reason why."
At the London Internet Exchange, where service providers exchange traffic across the globe, spokesman Malcolm Hutty said his organization had seen "a minor degree of congestion in a small portion of the network."
But he said it was unlikely that any ordinary users had been affected by the attack.
Hanna said his site had so far managed to stay online, but warned that being knocked off the Internet could give spammers an opening to step up their mailings — which may mean more fake lottery announcements and pitches for penny stocks heading to people's inboxes.
Hanna denied claims that his organization had behaved arbitrarily, noting that his group would lose its credibility if it started flagging benign content as spam.
"We have 1.7 billion people who watch over our shoulder," he said. "If we start blocking emails that they want, they will obviously stop using us."
Gilmore of Akamai was also dismissive of the claim that Spamhaus was biased.
"Spamhaus' reputation is sterling," he said.
Our 2024 Coverage Needs You
It's Another Trump-Biden Showdown — And We Need Your Help
The Future Of Democracy Is At Stake
Our 2024 Coverage Needs You
Your Loyalty Means The World To Us
As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.
Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.
Contribute as little as $2 to keep our news free for all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
The 2024 election is heating up, and women's rights, health care, voting rights, and the very future of democracy are all at stake. Donald Trump will face Joe Biden in the most consequential vote of our time. And HuffPost will be there, covering every twist and turn. America's future hangs in the balance. Would you consider contributing to support our journalism and keep it free for all during this critical season?
HuffPost believes news should be accessible to everyone, regardless of their ability to pay for it. We rely on readers like you to help fund our work. Any contribution you can make — even as little as $2 — goes directly toward supporting the impactful journalism that we will continue to produce this year. Thank you for being part of our story.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
It's official: Donald Trump will face Joe Biden this fall in the presidential election. As we face the most consequential presidential election of our time, HuffPost is committed to bringing you up-to-date, accurate news about the 2024 race. While other outlets have retreated behind paywalls, you can trust our news will stay free.
But we can't do it without your help. Reader funding is one of the key ways we support our newsroom. Would you consider making a donation to help fund our news during this critical time? Your contributions are vital to supporting a free press.
Contribute as little as $2 to keep our journalism free and accessible to all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.
Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.
Contribute as little as $2 to keep our news free for all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. Would you consider becoming a regular HuffPost contributor?
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. If circumstances have changed since you last contributed, we hope you'll consider contributing to HuffPost once more.
Support HuffPostAlready contributed? Log in to hide these messages.