clock menu more-arrow no yes mobile

Filed under:

'Largest' public denial of service attack in internet history linked to European spam dispute

New, 17 comments
Cyberbunker exterior (from <a href="" target="new">company website</a>).
Cyberbunker exterior (from company website).

If your internet service has been running slower than usual lately, your cable company may not be the one to blame: a massive distributed denial of service (DDoS) attack that began on March 18 against the website of Spamhaus, a European volunteer spam-fighting organization, has increased to the point that it's now affecting websites around the globe, including Netflix, according to The New York Times and the BBC. Experts said it was the largest attack of its kind publicly identified, and Spamhaus told the BBC that law enforcement in five different countries were investigating the attacks.

Spamhaus accused of "abusing their influence."

The precise identity of the attackers remains unknown for now, but the Times and BBC quoted Sven Olaf Kamphuis as their spokesperson. Kamphuis said the attacks were being carried out in retaliation for Spamhaus's recent move to add a libertine Dutch domain hosting company named Cyberbunker to its list of suspected spam-hosting websites. Spamhaus recommends email operators block all traffic from the sites on this list, but Kamphuis accused Spamhaus of "abusing their influence." Cyberbunker maintains it doesn't host spammy domains.

It's not the first time that Spamhaus has been attacked, nor the first time it has accused Cyberbunker of hosting spammy domains. The feud between the two goes back to 2011, but this seems to be the first time it's spilled out onto the wider web in such a dramatic way.

"Customers are allowed to host any content they like, except child porn and anything related to terrorism."

For what it's worth, Cyberbunker, located in an actual Cold War-era nuclear bunker in the Netherlands, openly advertises that its "customers are allowed to host any content they like, except child porn and anything related to terrorism. Everything else is fine." It's also publicly clashed with local government officials and says it has "had several run-ins with the law," for protecting customer anonymity and data. Spamhaus, meanwhile, has been likened to an older "group of anti-spam vigilantes" that got "carried away" and added non-spam sites to its list, according to Y Combinator founder Paul Graham.

Whoever is behind the attacks on Spamhaus this time, they managed to set a record amount of traffic used to commit a DDoS attack, 300 gigabits per second, according to the Times. DDoS attacks work by flooding websites with more traffic than they are equipped to handle, but most of these types of attacks are much smaller, around 10 gigabits per second. To mitigate this record attack, Spamhaus turned to security firm Cloudflare, who seems to have done the trick, as Spamhaus is now back online. It's unclear where the dispute between the two European web groups goes from here, but hopefully whatever happens next, they keep the rest of us out of it.