Internet slowed by cyber attack on spam blocker

LONDON Wed Mar 27, 2013 4:32pm EDT

A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture. REUTERS/Kacper Pempel/Files

A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture.

Credit: Reuters/Kacper Pempel/Files

Related Topics

LONDON (Reuters) - One of the largest ever cyber attacks is slowing global internet services and the disruption could get worse, experts said on Wednesday, after an organization blocking "spam" content became a target.

Spamhaus, a London and Geneva-based non-profit group which helps weed out unsolicited "spam" messages for email providers, said it had been subjected to "distributed denial of service" (DDoS) attacks on an unprecedented scale for more than a week.

"Based on the reported scale of the attack, which was evaluated at 300 Gigabits per second, we can confirm that this is one of the largest DDoS operations to date," online security firm Kaspersky Lab said in a statement.

"There may be further disruptions on a larger scale as the attack escalates."

Spamhaus publishes blacklists used by internet service providers (ISPs) to weed out spam in email traffic.

The group is directly or indirectly responsible for filtering as much as 80 percent of daily spam messages, according to Cloudflare, a company that said it was helping Spamhaus mitigate the attack.

"We've been under this cyber-attack for well over a week," Steve Linford, chief executive of Spamhaus, told the BBC. "They are targeting every part of the internet infrastructure that they feel can be brought down."

Perpetrators of DDoS attacks typically target websites by flooding servers with messages from multiple systems so they cannot identify and respond to legitimate traffic.

Paul Vlissidis, group technical director at internet security firm NCC, said the volumes of traffic involved in the attack were having a knock-on effect on the rest of the internet.

Because many computers were involved in the attack, it was difficult to defend against.

"If you have a few computers sending large amounts of traffic you can filter them out easily. When literally thousands and thousands are involved it makes it much, much harder," he told Reuters.

However, according to thinkbroadband, an independent British information website which allows users to test their broadband speed, there appeared to be little evidence of a slowdown.

"Of course it is possible that people may be finding some services or sites they access over the Internet are performing slower than usual ... but there appears to be no evidence to say that UK broadband users have been slowed down across the board," it said on its blog.

(Reporting by Paul Sandle, Kate Holton and Michael Holden; Editing by Peter Graff)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see
Comments (5)
usagadfly wrote:
Something here just makes no sense. Why would spammers, who are motivated by money, waste resources attacking a spam filter outfit? This sounds as false as Dick Cheney’s claim that Iraq’s Saddam Hussein, an atheistic socialist, was in league with the religious fundamentalist Al Qaeda. Of course that was a deliberate lie. So is this.

The real question is who benefits by this story? Does this justify further seizure of the internet by governments? If not, what DOES it justify?

Mar 27, 2013 4:27pm EDT  --  Report as abuse
QuietThinker wrote:
If the spammers feel that their spam is not getting through, it makes sense to attack the spam filter producers. Since they already control many computers for sending spam, it doesn’t cost much to mount a DOS attack. However, usagadfly is probably correct about Cheney.

Mar 27, 2013 4:47pm EDT  --  Report as abuse
Burns0011 wrote:
Cyberbunker is a hosting company. An anti-spam organization that blocks Cyberbunker also blocks everything else Cyberbunker hosts, and threatens Cyberbunker’s income stream.

This is really a very poorly thought out attack on Cyberbunker’s part, and the scale of the attack also points out that Cyberbunker has many clients who are involved in criminal activities, as evidenced by the botnets that are part of the attack.

Mar 27, 2013 7:01pm EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.