NEW: The FBI is involved in the investigation into the cyberattack, a spokesman says
A massive cyberattack is creating ripple effects for Internet users around the globe
The prolonged denial-of-service assault is targeting Spamhaus, a European spam-fighting group
Security expert: "These things are essentially like nuclear bombs"
Internet users around the globe are facing slowed-down service, thanks to what’s being called the biggest cyberattack in history.
The prolonged denial-of-service assault is targeting The Spamhaus Project, a European spam-fighting group that has gone after CyberBunker, a data-storage company that offers to host any content “except child porn and anything related to terrorism.”
The organization has been in a long-running feud with CyberBunker and claims spammers use it as a host from which to spray junk mail across the Web.
Internet security firm CloudFlare said Spamhaus contacted it last week, saying it had been hit with an attack big enough to knock its site offline.
Security experts say the attack uses more sophisticated techniques than most DDoS (distributed denial of service) attacks and targets the Web’s infrastructure, which has led to other sites performing slowly.
“It’s the biggest attack we’ve seen,” Matthew Prince, CloudFlare’s CEO, told CNN.
The FBI is involved in the investigation into the cyberattack on Spamhaus, though a bureau spokesman didn’t provide any details on the FBI’s role or the scope of the probe.
The Spamhaus Project is a nonprofit organization that patrols the Internet for spammers and publishes a list of Web servers those spammers use. According to Prince, the group may be responsible for up to 80% of all spam that gets blocked. This month, the group added CyberBunker to its blacklist.
“While we don’t know who was behind this attack, Spamhaus has made plenty of enemies over the years,” Prince wrote in a blog post. “Spammers aren’t always the most lovable of individuals, and Spamhaus has been threatened, sued and DDoSed regularly.”
In a DDoS attack, computers flood a website with requests, overwhelming its servers and causing it to crash or become inaccessible for many users.
One way to defend against those attacks, Prince said, is to deflect some of the traffic targeted at a single server onto a bunch of other servers at different locations. That’s what happened in this case, and why Web users experienced some slowdowns on other sites.
He told CNN the last big wave of the attack hit Tuesday morning, but that he doesn’t “live under the illusion” that there won’t be more.
For its part, CyberBunker isn’t taking credit for the attack. But the Dutch company, housed in a former NATO nuclear bunker, isn’t shying away, either.
“This here is the internet community puking out SpamHaus,” CyberBunker founder Sven Olaf Kamphuis told CNN. “We’ve had it with the guys … . What we see right here is the internet puking out a cancer.”
He said the owners of various websites got together on a Skype chat and hatched the plans for the attack. He says that StopHaus, a group organized to support CyberBunker in the dispute, ceased the attack after three days but that other hackers and activists kept it up after that.
Kamphuis and other critics say that Spamhaus oversteps its bounds and has essentially destroyed innocent websites in its spam-fighting efforts.
“Spamhaus itself is a more urgent danger” than spam, Kamphuis told CNN. “Pointing at websites and saying they want it shut down and then they get it shut down without any court order. That is a significantly larger threat to internet and freedom of speech and net neutrality than anything else.”
Vincent Hanna, a researcher with The Spamhaus Project, said the group’s record speaks for itself. He said the project has existed for over 12 years and its data is used to protect more than 1.7 billion e-mail accounts worldwide.
“We have 1.7 billion people looking over our shoulders to make sure we do our job right,” he said. “If we start blocking things they want, they won’t use our data any more.”
He emphasized that Spamhaus doesn’t have the power to block e-mail from anyone – it merely makes its data available for service providers and other Web companies to use.
Hanna said Spamhaus experienced its first denial-of-service attack in 2003.
“This has been the biggest for us,” he said, “but certainly not the first one.”
Cloudflare’s Prince said denying access to a website through cyberattacks is the truest assault on Web freedom.
“Our role is to allow the internet to achieve what it aspires to – that anyone, anywhere can publish any piece of information and make it accessible to anyone, anywhere else in the world,” he said. “It’s blatant censorship.
“Whether Spamhaus is a good organization or a bad organization is irrelevant to me. We protect American financial institutions, which some people think are evil, and we protect WikiLeaks, which some people think are evil.”
CNN’s Atika Shubert, Antonia Mortensen and Terry Frieden contributed to this report.