E-mail spam tracking organisation Spamhaus recently became victim to what has become known as the larges ever Distributed Denial of Service (DDoS) attack in history. Despite the highly targeted nature of the attack, it has nonetheless had profound effects on all internet users in Europe simply due to the scale of traffic and the resulting reduction in internet speeds across the entire network.
According to computer giant HP, this is another example of the fragility of the internet's structure, something that can be impacted dramatically by such large scaled attacks. Simon Leech, the head of European enterprise security for HP said: "The traffic itself is fairly benign, but a bigger issue is the fact that the attack is having a wider impact by slowing the whole Internet for other users".
No single solution exists to such problems but the whole internet is dependent on simple security measures such as patching, running the latest antivirus and the use of traffic filtering. Home users can also play their part, according to HP's Simon Leech, who said, "Home-based routers and modems come from the ISP with a standard password – hackers can scan those routers for default passwords – so make putting a secure password is a priority, and keep machines up to date with security patches.”
Security company Arbor Networks predicted such an attack in a press release last year which seems to have been borne out by the recent SpamHaus attack which more than trebled the previous high traffic peaks of around 100Gbps. Arbor's Dan Holden, who heads up the company's research team commented: "This attack has raised the stakes for service providers who are on the front lines of defending against attacks of this size. It is not surprising that DNS amplification was used in an attack of this size. In fact, DNS is an increasingly popular target for DDoS".
It isn't just Internet Service Providers that need to be on their toes though. nCircle sees the issue as being much wider. Andrew Storms, director of security operations at the company said: "The Spamhaus attacks underscores how critical it is for organizations to be more proactive in addressing denial of service threats. We certainly can’t stop people from launching these kinds of attacks but we should invest more in research focused on the underlying issues. Given the scope of the attacks, government incentives supporting research into mitigation tools also makes sense.”
It isn't just the scale of such attacks that should be worrying us either, but also the quantity of them, according to Kaspersky Lab who told us that these kinds of attacks are growing in both scale and quantity. A Kaspersky spokesman said, "Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks".