Users experienced widespread delays and outages in Internet service around the world this week after a group called Spamhaus made a new addition to its spam blacklist—a Dutch company called Cyberbunker. Email service providers (like Gmail or Hotmail) use blacklist services like Spamhaus to separate likely spam messages from legitimate mail, and as it turns out, Cyberbunker was none too happy about its new criminal label.
Cyberbunker is a hosting provider, which means that they provide the hardware, software, and Internet connection needed to share any web page–your blog, a photo album, or a personal or business website–online. More important though, also is that this means that email sent from a site hosted on Cyberbunker is uniquely identifiable as belonging to them. This allows spam blacklist services like Spamhaus to filter out Cyberbunker-related email messages from the rest of your inbox.
A spokesman for Spamhaus, which is based in Europe, added: “These guys are just mad. To be frank, they got caught. They think they should be allowed to send spam.”
In retaliation for Spamhaus’ decision to blacklist Cyberbunker, attackers launched a massive DDoS attack, which stands for Distributed Denial of Service. What this means is that hackers flood their target with large amounts of traffic generated by a network of remotely controlled, infected home computers (this is called a botnet, and you can learn more about botnets here). What this does is consume a massive amount of resources, both Spamhaus’ as well as their upstream provider and hosting facility. This is why the attack also affected unrelated services like Netflix who use some of the same network pipes to send traffic.
While Spamhaus has done a valiant job fighting back and is still up and running, the massive influx of traffic affected millions of ordinary Internet users. While a typical denial-of-service attack tends to affect only a small number of computers, in this case, the attack used victims’ computers from all over the world. Such a widespread attack cannot be easily stopped, because the affected machines cannot be shut off without halting the entire Internet.
The bottom line
As McAfee Vice President and CTO Phyllis Schneck released in a statement on the attack, “Denial of Service (DOS), and Distributed Denial of Service (DDOS) attacks are not new, and do not demand significant technical expertise to initiate. However their impact as we have recently witnessed can be significant. Due to the connected nature of digital citizens, a dispute between key parties will impact everyone from consumers to SMB to large enterprises.”
One key takeaway I want to emphasize for readers is that everything you do on the Internet can affect not only you, but also anyone you come into contact with online. If your computer is infected with a virus, you can easily pass that virus on to friends and family unintentionally. This allows spam groups like Cyberbunker to operate, as only infected computers can be used in this type of widespread attack.
To protect yourself and others from this type of threat, always use up to date your security software on all your devices, like McAfee All Access, and regularly scan your devices for new threats. In addition, always follow secure password best practices, and if you believe that your email or social media accounts have been used to send spam, change your passwords right away.