Mega DDoS attacks on the rise -- Kaspersky

DDoS attacks like the one that resulted from an altercation between a Dutch company and Spamhaus this week are on the rise, according to a statement from Kaspersky Labs.

The security vendor was responding to the huge DDoS attack that occurred on Wednesday, described as the biggest cyber attack in history. The attack affected millions of rank and Internet users, slowing hundreds of processes down.

According to reports, the DDoS attack occurred when Spamhaus, an organisation that blacklists spammers, blacklisted Dutch company Cyberbunker, an open hosting service that allows anyone to set up a website on its servers.

The attack exploited the architecture of the Internet to heard huge amounts of traffic to the Spamhaus website. The attack then went global, affecting the wider Internet.

"Based on the reported scale of the attack, which was evaluated at 300 Gigabits per second, we can confirm that this is one of the largest DDoS operations to date," said Kaspersky Lab's Global Research and Analysis team in a statement.

"The data flow generated by such an attack may affect intermediate network nodes when it passes them, thus impeding operations of normal web services that have no relation to Spamhaus or Cyberbunker. Therefore, such DDoS attack may affect regular users as well, with network slowdown or total unavailability of certain web resources being typical symptoms. There may be further disruptions on a larger scale as the attack escalates."

According to reports, Spamhaus called on Cloudflare to counter the attack after it found its defences were being overwhelmed. Cloudflare's counters worked, so the hackers began attacking sites affiliated with Spamhaus, as well as sites used by Cloudflare. Before long, the attack had begun to affect service across the Internet.

While the worst of this latest high-level DDoS attack may now be over, Kaspersky said that the world could expect to see more of the same. Cyber criminals can now attack much more frequently and on a much wider scale, the statement said.

"In general, attacks of this type are growing in terms of quantity as well as scale. Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks."

Kaspersky said that there are two major motives behind launching such high-level attacks. Firstly, the statement said, cyber criminals conduct DDoS attacks to disrupt organisations in order to extort money from them. Secondly, hackers use DDoS attacks as a weapon to disrupt organisations out of ideological or political interests.

Going by the reports of yesterday's Internet-wide attack, it would appear that the attackers were making a political point, rather than attempting to extort money.

At the time of writing, the Cyberbunker website was inaccessible.

Join the CSO newsletter!

Error: Please check your email address.

Tags kaspersky labssecurity

More about KasperskyKaspersky

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tom Paye

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts