From: Khaleej Times

Allan Jacob

The cyber attack on a spam watchdog over the past week was unprecedented in size and some users in the UAE may have come in the line of fire.

Spamhaus, the company at the forefront of the war against spam in mailboxes, was hit with what is known as a denial of service attack (DDoS) from a group of hackers believed to be from Europe and the ripple effect could have been felt in the UAE.

Speaking to Khaleej Times, John Reid of the Geneva-based Spamhaus Project, said some users in the UAE may have experienced a slowdown depending on the sites or e-mail they tried to access during the period.

The Internet spam list, run by volunteers, tracks the web for spammers and publishes a list of servers they use to send their messages. This helps e-mail system administrators to block unsolicited mails.

“It’s too hard to judge (how many were affected by the attack). Some of the Tier-1 networks and interchange may know, or have a guess,” said Reid.

CloudFlare, an Internet security firm, which was alerted by Spamhaus on March 18, said the attackers lured servers into routing billions of bits of junk traffic to the victim site every second.

This caused Net traffic to crawl and put a strain on the immediate and wider network. “With this attack, some collateral damage may have been seen locally, all depending on where you connect to the internet and when you look,” a Spamhaus spokesperson said.

Kaspersky Labs, a leading Internet security firm, agreed and said this incident could have slowed down normal browsing, but said it is hard to assess the impact in the Middle East or the UAE.

“Based on the report published in media about scale of the attack, which was evaluated at 300 Gigabits per second, we can agree that this is one of the largest DDoS operations to date. The data flow generated by such an attack may affect intermediate network nodes when it passes them, thus impeding operations of normal web services that have no relation to Spamhaus or Cyberbunker,” said Ivan Kling, Senior Corporate Communications Manager, Strategic Projects and Threat Research, Kaspersky.

“Therefore, such DDoS attack may affect regular users as well, with network slowdown or total unavailability of certain web resources being typical symptoms. There may be further disruptions on a larger scale as the attack escalates,” he warned.

He said attacks of this type are growing in terms of quantity as well as scale. Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks.

Cybercriminals target corporations in an effort to extort money from them, he said. “Some use it as a weapon to disrupt companies for their own ideological, political or personal interests, Kling said.