Global internet slows after 'biggest attack in history'


The BBC's Rory Cellan-Jones explains why the attack is like a "motorway jam", alongside expert David Emm from Kaspersky Lab

Related Stories

The internet around the world has been slowed down in what security experts are describing as the biggest cyber-attack of its kind in history.

A row between a spam-fighting group and hosting firm has sparked retaliation attacks affecting the wider internet.

Experts worry that the row could escalate to affect banking and email systems.

Five national cyber-police-forces are investigating the attacks.

Spamhaus, a group based in both London and Geneva, is a non-profit organisation that aims to help email providers filter out spam and other unwanted content.

To do this, the group maintains a number of blocklists - a database of servers known to be being used for malicious purposes.

Recently, Spamhaus blocked servers maintained by Cyberbunker, a Dutch web host that states it will host anything with the exception of child pornography or terrorism-related material.

Sven Olaf Kamphuis, who claims to be a spokesman for Cyberbunker, said, in a message, that Spamhaus was abusing its position, and should not be allowed to decide "what goes and does not go on the internet".

Spamhaus has alleged that Cyberbunker, in cooperation with "criminal gangs" from Eastern Europe and Russia, is behind the attack.

Cyberbunker has not responded to the BBC's request for comment.

'Immense job'

Steve Linford, chief executive for Spamhaus, told the BBC the scale of the attack was unprecedented.

"We've been under this cyber-attack for well over a week.

'Decapitating the internet'

Internet browser address bar

Writing exactly one year ago for the BBC, Prof Alan Woodward predicted the inherent weaknesses in the web's domain name system.

He wrote: "It is essentially the phone book for the internet. If you could prevent access to the phone book then you would effectively render the web useless."

Read Prof Woodward's full article

"But we're up - they haven't been able to knock us down. Our engineers are doing an immense job in keeping it up - this sort of attack would take down pretty much anything else."

Mr Linford told the BBC that the attack was being investigated by five different national cyber-police-forces around the world.

He claimed he was unable to disclose more details because the forces were concerned that they too may suffer attacks on their own infrastructure.

The attackers have used a tactic known as Distributed Denial of Service (DDoS), which floods the intended target with large amounts of traffic in an attempt to render it unreachable.

In this case, Spamhaus's Domain Name System (DNS) servers were targeted - the infrastructure that joins domain names, such as, the website's numerical internet protocol address.

Mr Linford said the attack's power would be strong enough to take down government internet infrastructure.

"If you aimed this at Downing Street they would be down instantly," he said. "They would be completely off the internet."

He added: "These attacks are peaking at 300 Gbps (gigabits per second).

"Normally when there are attacks against major banks, we're talking about 50 Gbps"

Clogged-up motorway

The knock-on effect is hurting internet services globally, said Prof Alan Woodward, a cybersecurity expert at the University of Surrey.

"If you imagine it as a motorway, attacks try and put enough traffic on there to clog up the on and off ramps," he told the BBC.

"With this attack, there's so much traffic it's clogging up the motorway itself."

Arbor Networks, a firm which specialises in protecting against DDoS attacks, also said it was the biggest such attack they had seen.

"The largest DDoS attack that we have witnessed prior to this was in 2010, which was 100 Gbps. Obviously the jump from 100 to 300 is pretty massive," said Dan Holden, the company's director of security research.

"There's certainly possibility for some collateral damage to other services along the way, depending on what that infrastructure looks like."

Spamhaus said it was able to cope as it has highly distributed infrastructure in a number of countries.

The group is supported by many of the world's largest internet companies who rely on it to filter unwanted material.

Mr Linford told the BBC that several companies, such as Google, had made their resources available to help "absorb all of this traffic".

The attacks typically happened in intermittent bursts of high activity.

"They are targeting every part of the internet infrastructure that they feel can be brought down," Mr Linford said.

"Spamhaus has more than 80 servers around the world. We've built the biggest DNS server around."


More on This Story

Related Stories


This entry is now closed for comments

Jump to comments pagination
  • rate this

    Comment number 146.

    computers makes people fat"

    That comment is "Virgin" on the ridiculous - Well stop "DOS'ing" around and don't take so many megabytes then you'll keep ya bandwidth down....

    Was that PC enough??

  • rate this

    Comment number 145.

    What does buying security do for your computer?
    Only to find that their is a back door left open somewhere within that security program and wait for the latest security updates but it's too late it was known and found and probably exploited.
    Then you need to buy their latest security software every year or so Money Money Money gone mad!

  • rate this

    Comment number 144.

    What's all this about spam? Seriously, don't you people know how to use mail filters? 2000 spam a day? I get maybe 2 or 3 a quarter that gets past my spam filters. I'm also careful who I give my email address to. It's not rocket science... although a decent ISP is helpful, not one of these £2.00 a month cowboys...

  • rate this

    Comment number 143.

    128. mywayorthehighway
    The internet. The last bastion of freedom, which will not be the case for much longer.
    Freedom to distribute child porn isn't the sort of freedom I'm going to fight for!

  • rate this

    Comment number 142.

    @7. flipmode

    Oh the irony. You choose to post on a comment board using an online ID name then claim people should communicate with real people.

    The internet is much more than just facebook, twitter and the like. The fact that you posted a comment, one would assume that you read the article and further assume you use the internet for news updates. Any disruption to the net would then affect you.

  • rate this

    Comment number 141.

    117. paulmerhaba
    "Isn't spam a posh luncheon-meat, or is it the other way around."

    Spam (R) is the posh one, generic pork luncheon is just the same but nearly half the price. I love it.

  • rate this

    Comment number 140.

    Its ok saying force people to keep there computers updated or face having internet connections disconnected but if i don't want to update for some reason im not updating and i don't think its fair to be penalized for that.

    As a computer engineer and beta tester for many things I know from experience that updating can be worse than not updating.

  • rate this

    Comment number 139.

    128. mywayorthehighway bastion of freedom? It's normally the bastion of those in the know trolling, picking on, and bullying other people, without the need for the courage to be present. That isn't freedom, it's virtual abuse hidden under the banner of some sort of free speech ideology. But it just proves itself time and time again to be just as unfair to people as most other areas of life.

  • rate this

    Comment number 138.

    What a sad state of affairs, many people posting on here seem to think that as an internet user there is no onus for your computer being 'safe' to exchange data with others. They are probably the same people moaning about big brother etc.

    WAKE UP! these DOS are possible because people don't have the consideration for their fellow internet user.

    ISP's should block unsecured computers!

  • rate this

    Comment number 137.

    If no one ever read spam, or replied to the products they are advertising then you would have thought it would die out? Advertisers arent going to pay for something that doesnt work and I m sure spam companies arent just doing there thing for giggles???

  • rate this

    Comment number 136.

    Why is it that if the internet has slowed down, only the spam is not affected ?
    I think cyberbunker were hoodwinked by some of their users and now would rather fight than admit they were and lose face.
    I'm waiting for the MPAA to blame slow down on internet piracy .
    If the criminal gangs want to fight why not fight the chinese cyber terror units?

  • rate this

    Comment number 135.

    The world needs a concerted effort to prosecute these individuals who cause such mayhem in the internet world. They should get long jail sentences with no parole. These attacks are attacks against society and these criminals are no better than drug traffickers and dealers.

  • rate this

    Comment number 134.

    In the world of cyberspace, it seems that the good and the bad are constantly leapfrogging one another in a bid to gain ascendancy. Surely there must come a time when the internet is hit by a virus so complicated that nothing can be done to protect it.

    I wonder if that will be the signal to return to good-old phone calls, letters and even face-to-face chats?

  • rate this

    Comment number 133.

    Those wo don't like Chinese regime's hackers can always approve of puntinesqe Russia's hackers.

    [North Korean hackers still being inept]

  • rate this

    Comment number 132.

    is redan_white truly to naive to think criminals would pursue a legal channel to obtain a firearm.

  • rate this

    Comment number 131.

    This reporting reads as a press release. Spamhaus tells the journalist that they are under a cyberattack that would have overwhelmed any other organisation on the planet but their infrastructure is designed to handle this sort of thing. Linford says cyber-police-forces are investigating so he can't give us evidence. Recent history of internet traffic shows me no such attack is happening at all.

  • rate this

    Comment number 130.

    "We can't be brought down." Titanic anyone? And I know that both Google DNS and OpenDNS have larger infrastructures. I've had my share of run ins with Spamhaus, and while they do provide a useful service, they also have a history of overstepping their bounds.

  • rate this

    Comment number 129.

    This is criminal action pure and simple that damages everyone irrespective of politics, class, race, income, sexual preference etc.etc. It should be dealt with as such.

  • rate this

    Comment number 128.

    The internet. The last bastion of freedom, which will not be the case for much longer.

  • rate this

    Comment number 127.

    WAIT!! Who's screen is that showing at the top of this page???

    "Amaze her with your toy" - It surely has to be Boris Johnson's!!!!


Page 23 of 30


More Technology stories



BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.