Home » The Biggest Cyber Attack in History @ Spamhaus

The Biggest Cyber Attack in History @ Spamhaus

The internet has been targeted time and ever by hackers and spammers. Anyhow, it never happened in history that an attack brought half of the world’s netizens to a halt. The recent attack led to internet speeds in Europe falling to near zero thereby interrupting crucial work. This attack has set an unconditional fear among people.

Reason For The Biggest Cyber-Attack Ever In The History

This attack was basically targeted at a website called Spamhaus.org is a website that makes a list of spamming websites and mails the list to internet service providers. So it takes the responsibility of removing spam from the internet and keeping it clean. Anyhow this could not be digested by some possible spammer who revenged it by launching this attack. Interestingly this attack was carried out hours after Spamhaus.org blacklisted Cyberbunker.com which falls as the prime suspect to this activity. The management of Cyberbunker.com completely denied any involvement in this act.

Suspects For The Biggest Cyber Attack @ Spamhaus

Basically two organizations are suspected behind this attack. The first one being Cyberbunker.com! The reason to suspect it is that the attack took place a few hours after it was blacklisted by Spamhaus.org. Thus Cyberbunker.com must have been the maximum beneficiary of this attack since its mail data could have been erased well in time. Anyhow, its management does not accept the responsibility for any such act. They have clearly denied the allegations. The second suspect is Mr. Sven Olaf Kamphuis owner of CB3ROB. He is also the co-owner of Cyberbunker. This person is under serious investigation for this happening and everyone eyes him for it. The profiles of these 2 Internet chip-nicks are as follows:

  • Cyberbunker: This website provides internet hosting but is well criticized for its habit of spamming. This was the reason it was under the scanner.
  • CB3ROB: It is basically an Internet Service Provider. It was under the scanner for its allowing illegal activities online.

Mr. Kamphuis has denied any involvement in the same straight away. But no one knows whether he is serious or just attempting to save himself from the law.

Cyber Attack

How The Attack At Spamhaus Carried Out?

The biggest cyber-attack was of the type Distributed Denial of Service (DDoS) Attack. In typical DDoS attacks, the attacker or hacker, first accesses the base system and infects it with a virus so that it becomes in defendable. Then it attacks it by sending heavy bogus traffic to the website so that it hangs up due to overloading. Usually these attacks have a cap rate of 100 Gbps and this is known by security agencies so they are well prepared to handle any such situation. But in this case the attack was way above the cap rate and possibly was of 300 Gbps. Now what happened exactly was as follows:

  • Spamhaus had a security tie up with CloudFlare. CloudFlare is an IT security organization.
  • The hacker knew this fact, as well as the fact that Spamhaus’s site was not as easy to access.
  • So the hacker penetrated through CloudFlares server first thus disabling it.
  • To do this the exploited CloudFlares DNS. The DNS is the service which converts the alphabetical IP address into a form understandable by the internet, thus making it a very crucial parameter. Anyhow the worst part is the details of CloudFlares were freely available on the net.
  • The hacker performed the act step by step in an organized manner and thus remained undetectable till the damage was done.  The steps he followed were as follows:

Initial Attack At Spamhaus

Initially a large number of computers were attacked in such a manner that they worked as reflectors and the attack was reflected back by them.

Cyber attack at Spamhaus (1)

  • 1000 plus computers were attacked at the same time. All of these computers acted like reflectors to the attack that the attacker planned.
  • Each of those computers sent a request to an internet server and that server was called an open resolver.
  • The resolvers got confused and replied thus amplifying the attack. This amplified attack was much larger as compared to initial attack on the 1000 computers.
  • Spamhaus was unable to respond to such high traffic. Thus its server collapsed. The attacker is bound to have taken advantage of this fact thereby editing or deleting crucial information from Spamhaus’s server.

Spamhaus’s Response To The Biggest Cyber- Attack Over It

CloudFlare, Spamhaus’s security provider, increased its traffic handling capacity so that they could prevent it from going offline.

Cyber attack at Spamhaus (2)

  • Spamhaus’s security provider CloudFlare comes into action. It judges the attack and plans a counter measures.
  • As a counter measure, CloudFlare increased Spamhaus’s traffic handling capacity so that it could at least help itself recover from the problem temporarily. Anyhow the danger was still not over. But the main point is that the attacker could not bring Spamhaus offline now. So in short they got enough time to plan their next security measure.

Re-Attack By The Attacker

The attacked launched another attack again but this time in a different manner.

Cyber attack at Spamhaus (3)

  • However, the attacker was not ready to give up at any cost. Since the hacker could not bring Spamhaus offline now, it attacked exchanges in Europe and Asia as well as CloudFlare’s website.
  • After this the hacker spoofed the IP address of CloudFlare, attacked his open resolver, deactivated it and went on with its job at Spamhaus.
  • Thus the net speeds were slowed during this problem. This slowing down of speeds was the main cause we call it the biggest cyber attack in history.

Losses In The Biggest Cyber-Attack Ever In The History

This attack slowed down internet speeds to crucial levels. Spamhaus came over its pride that it can never be hacked. Internet standards were exploited. Exchanges in Asia and Europe are still to recover from the loss that occurred during this act. Most servers in these exchanges are still to be repaired.

Prevention Measures Considered For Future

As a rehabilitation measure for what all happened the following measures have been considered:

  • New standards have been set for DDoS related threats. The new figure is somewhere near 300 Gbps.
  • All cyber security companies have been alerted about this form of attacks and are looking forward to find ways to counter this.
  • Technologies are being implemented to prevent IP spoofing.
  • All free DNS servers are being closed. Heavy security is being imposed on them in order to avoid any such activity in future.

 <Image Credit>

About the author

Zainil Dedhia

Zainil is commerce graduate & is pursuing his further studies in commerce. He loves to write about software's & social media.

Connect with Zainil: Facebook and Twitter.


Click here to post a comment

All the data shown above will be stored by Techtricksworld.com on https://www.techtricksworld.com. At any point of time, you can contact us and select the data you wish to anonymise or delete so it cannot be linked to your email address any longer. When your data is anonymised or deleted, you will receive an email confirmation. We also use cookies and/or similar technologies to analyse customer behaviour, administer the website, track users' movements, and to collect information about users. This is done in order to personalise and enhance your experience with us.

  • Well, I’m not a techie and do nt understand a greater part of what you explained in detail up there. But YES, internet speed was badly hit. I thought it was BSNL providing lousy services but soon learned that internet users all over the world had been affected, irrespective of the service provider.
    Just hope that these types of attacks do not become a regular feature.

    • May be spammers are there to make other people work in a better way! 😎

      At times I could comment that, if there weren’t unethical people in this world, then the world would have been too slow and a bit monotonous too!

      PS-I m no ways supporting the crime! 😛

  • huhhh..!!
    This attack badly affects my net 🙁
    Almost 4-5 days I’m unable to do anything on my so called BSNL net.
    I hope this type of attack won’t repeat in coming future !!
    Thanks for the detailed info about this attack.

      • Yup 4-5 days !! My side it was badly affected.
        I’m using BSNL.
        huh.. BSNL Sucks..!! and yes. specially my facebook 😛
        I can’t access my facebook for 4-5 days 🙁 😛

  • I have searched internet many times in 3-4 days to find out what issue was Cyber War. Although it was said spamhaus got attacked, but no one explained it in a better way. This post shown graphics, examples how it happened. Hoping the problem will be resolved soon and internet Industry won’t face it in near future. It is bad thing for current internet era.

  • Well I have not experienced any such change in the speed of the internet. I use college wifi and I think the speed was increased 🙂 But yes I had friends who complained about the decrease in internet speed!

  • And I would add one more thing. You need to have a goal on where you want to go and what you want to accomplish, so that when you run into some struggles, your goals and dreams get you through them.

Pin It on Pinterest