Do you ever get emails promoting miraculous weight-loss pills or counterfeit Viagra? These are probably the spam emails that everyone’s heard of and that frequently land in our inboxes. And they are exactly the type of web content Spamhaus fights against.
Spamhaus is a non-profit antispam organisation that helps email providers filter out spam and other unwanted content. It doesn’t block any data itself, but it blacklists servers known to generate spam or to host content linked to spam. And its services are used by thousands of organisations to decide whether to accept incoming emails.
In the last couple of days we’ve seen a lot of headlines announcing a global internet slowdown, following a massive attack on Spamhaus’ servers. So, here at BullGuard, we’ve dug a bit deeper to see just how big was the impact of the Spamhaus attack on the world wide web.
A massive DDoS attack: reasons and scope
A couple of weeks ago, in its efforts to keep junk out of people’s inboxes, Spamhaus blacklisted servers maintained by Cyberbunker, a Dutch web-hosting company, for allegedly distributing spam. Since then, the Spamhaus website has come under several DDoS attacks. Allegedly, Russian and other Eastern European criminal groups supporting Cyberbunker have tried to take down Spamhaus’ servers by flooding them with large amounts of internet traffic in an attempt to make them unreachable. This makes the attack on Spamhaus the biggest in the history of DDoS attacks.
"These attacks are peaking at 300 Gbps (gigabits per second),” said Spamhaus CEO, Steve Linford, in an interview for the BBC. It is a fairly huge amount of traffic that could take down an entire governmental internet infrastructure. But Spamhaus hasn’t collapsed. However, some internet services may have registered a rather sluggish activity.
But have the attacks been able to slow down the internet on a global scale, as you’ve probably heard from several news sources, including the BBC? No. As it turns out, the internet traffic congestion caused by the attacks is only peaking in two areas – the UK and Germany/Netherlands, where the two companies are based – causing internet slowdowns there, but not globally.
What does the future hold?
“Hat off for Spamhaus. Here at BullGuard, we’re all about making the internet a safer place and we very much appreciate their efforts to counter the spread of unwanted email content, which may very well pass as abusive,” said BullGuard’s Alex Balan, Head of Product Management.”
Due to events taking place over the past 5 years, activism in the cyberspace is being perceived as communities gathering to protest and to make a stand. But unfortunately, the form that has been making headlines the most is “hacktivism.”
“Entities such as Spamhaus are activists trying to gather as much as possible of the internet community to actively block illegal or damaging activities, or report attacks and spam sources in order to make the internet a safer place. Now, let’s say your company was the source of a significant spam wave because of a customer you chose to offer your services to. So you get blacklisted and you and all your other customers are greatly affected by not being able to send emails. The natural course of action would be to figure out if indeed you WERE the source of the problem and, if so, to fix it. Next step would be to ask the company that blacklisted you to remove you from their list. Some blacklisted companies, however, may have the “un-blacklist-me-or-else” kind of reaction. I sure hope this is not the case with Cyberbunker and I hope we’ll hear about clear actions towards ensuring the attackers are unveiled,” explained Balan.
One thing’s for sure: Spamhaus has experienced other attacks before, and they will not stop fighting spammers because of the latest ones.
We’ll keep an eye out for what the future holds on this alleged feud. So subscribe to the BullGuard blog and stay tuned!