People around the world have been experiencing a slower internet due to a massive denial of service attack (DDOS) targeting the domain name infrastructure.
The DDOS attack comes after a disagreement between non-profit organisation Spamhaus and a Dutch hosting company called Cyberbunker. Spamhaus offers a list of servers that have been blacklisted for sending spam messages, helping email providers block such messages, and Cyberbunker is a “bad boy” hosting company that offers to host anything that is not child pornography or related to terrorism.
The disagreement comes after Spamhaus blacklisted a number of Cyberbunker servers, essentially blocking Cyberbunker users from sending email or providing other services, claiming that Cyberbunker was being used by criminal gangs from Eastern Europe.
It is notoriously difficult to find the origin of DDOS attack as the hackers generally use “botnets” of thousands of consumer PCs that are infected with malware, meaning the hackers can control them without the knowledge of their owners. However, five separate national cyber-police forces are reported to be investigating the attack.
The attack focuses on domain name (DNS) servers, which are part of the backbone of the internet that translate domain names such as TechFruit.com or Descrier.co.uk into the websites’ numerical internet protocol addresses. These servers were known to be one of the bottlenecks of internet structure, and this attack verifies that information. Whilst the focus of these attacks may be relatively local, aimed at the Spamhaus DNS servers, the knock-on effects are much wider, with connections being slowed across a number of services including high bandwidth streaming services like Netflix here the slower speed would be most noticeable. The scale of the attack is also unprecedented, with Spamhaus reporting data floods of These attacks are peaking at 300gb/s (gigabits per second), when a “normal” DDOS attack on a high profile target such as a bank would be around 50gb/s
On top of the effects of this attack, Egyptian internet users have had the added issue of the undersea Alexandria internet cable being severed causing widespread routing issues, although the cause of this is currently unknown.
[Image courtesy of GetButterfly]