The slow Internet connection isn’t just you. The Web has been under one of its biggest-ever attacks since a Dutch Web-hosting company caused service to be disrupted and slowed down. Here’s how it went down: a Geneva-based spam-fighting group, Spamhaus, temporarily added a Dutch firm, Cyberbunker, to an email blacklist that blocks out spam, and Cyberbunker did not react well. Cyberbunker infamously operates out of a NATO bunker and boasts of hosting any Web site “except child porn and anything related to terrorism” -- which is most likely how it ended up on the list of spammers in the first place. In retaliation, Cyberbunker launched the attack, which has slowed down many sites, including Netflix and other services.
A typical denial-of-service attack tends to affect only a small number of networks. But in the case of a Domain Name System flood attack, data packets are aimed at the victim from servers all over the world. Such attacks cannot easily be stopped, experts say, because those servers cannot be shut off without halting the Internet.
“The No. 1 rule of the Internet is that it has to work,” said Dan Kaminsky, a security researcher who years ago pointed out the inherent vulnerabilities of the Domain Name System. “You can’t stop a DNS flood by shutting down those servers because those machines have to be open and public by default. The only way to deal with this problem is to find the people doing it and arrest them.”
The heart of the problem, according to several Internet engineers, is that many large Internet service providers have not set up their networks to make sure that traffic leaving their networks is actually coming from their own users. The potential security flaw has long been known by Internet security specialists, but it has only recently been exploited in a way that threatens the Internet infrastructure.
An engineer at one of the largest Internet communications firms said the attacks in recent days have been as much as five times larger than what was seen recently in attacks against major American banks. He said the attacks were not large enough to saturate the company’s largest routers, but they had overwhelmed important equipment.
Patrick Gilmore, chief architect at Akamai Technologies, a digital content provider, said, “It is a real number, it is the largest publicly announced DDoS attack in the history of the Internet.”