A huge denial-of-service attack that eventually slowed traffic across much of the Internet relied on vulnerabilities in the network’s own hardware to amplify its effects, John Markoff and Nicole Perlroth report on Thursday in The New York Times.
The digital “fire hose†being wielded by the attackers to jam traffic on the Internet in recent weeks was made possible by both the best and worst aspects of the sprawling global computer network. The Internet is, by default, an open, loosely regulated platform for communication, but many of the servers that make its communication possible have been configured in such a way that they can be easily fooled.
The latest attacks, which appeared to have subsided by Wednesday, have demonstrated just how big a problem that can be.
On Tuesday, security engineers said that an anonymous group unhappy with Spamhaus, a volunteer organization that distributes a blacklist of spammers to e-mail providers, had retaliated with a cyberattack of vast proportions. In what is called a distributed denial of service, or DDoS, attack, the assailants harnessed a powerful botnet â€" a network of thousands of infected computers being controlled remotely â€" to send attack traffic first to Spamhaus’s Web site and later to the Internet servers used by CloudFlare, a Silicon Valley company that Spamhaus hired to deflect its onslaught.
This kind of attack works because the botnet exploits Internet routing software and fools Internet servers into responding to requests for information sent simultaneously by a large group of computers. The Internet servers that answer the requests are tricked into sending blocks of data to the victims, in this case Spamhaus and CloudFlare.
The attack was amplified because each of the servers in this case was asked to send a relatively large block of information. The data stream grew from 10 billion bits per second last week to as much as 300 billion bits per second this week, the largest such attack ever reported, causing what CloudFlare estimated to be hundreds of millions of people to experience delays and error messages across the Web.
On Wednesday, CloudFlare described the highly technical game of cat-and-mouse between itself and Spamhaus’s opponents that has played out over the course of the last nine days. After the attackers discovered that they could not disable CloudFlare, which had been hired by Spamhaus to absorb its attack traffic, they changed their strategy.
