Slashdot Mirror

← Back to Stories (view on slashdot.org)

Largest DDoS In History Reaches 300 Billion Bits Per Second

Posted by Unknown on from the making-enemies dept.

An anonymous reader writes "The NYT is reporting that the Largest DDoS in history reached 300 Gbps. The dispute started when the spam-fighting group Spamhaus added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam. Millions of ordinary Internet users have experienced delays in services like Netflix or could not reach a particular Web site for a short time. Dutch authorities and the police have made several attempts to enter the bunker by force but failed to do so. The attacks were first mentioned publicly last week by Cloudflare, an Internet security firm in Silicon Valley that was trying to defend against the attacks and as a result became a target."

20 of 450 comments (clear)

  1. Watch your clauses, people! by Looker_Device · · Score: 5, Informative

    The dispute started when the spam-fighting group, called Spamhaus, added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam.

    I think what they meant to say here was: "The dispute started when the spam-fighting group Spamhaus, which maintains a blacklist used by e-mail providers to weed out spam, added the Dutch company Cyberbunker to its blacklist."

    --
    Your political party doesn't care about your rights and only represents corporate interests.
    1. Re:Watch your clauses, people! by Nerdfest · · Score: 5, Funny

      A Slashdot editor Yoda has become.

    2. Re:Watch your clauses, people! by Anonymous Coward · · Score: 5, Informative

      I came here to say this, and was all prepared to lambaste the summary, when I took the time to discover that the sentence is straight from TFA!

      Great jorb, New York Times. And they wonder why newspapers are dying.

    3. Re:Watch your clauses, people! by PartyBoy!911 · · Score: 5, Informative

      Me neither, Netflix isn't even available for Dutch people.

    4. Re:Watch your clauses, people! by wmac1 · · Score: 5, Funny

      I wish there was a smaller unit than bits. The headline would become more exciting!

    5. Re:Watch your clauses, people! by telchine · · Score: 5, Funny

      Removing words is like removing lines of code. Almost always makes it better.

      Removing ... words is like ... better

    6. Re:Watch your clauses, people! by femtobyte · · Score: 5, Insightful

      SI unit prefixes are readily available anytime you need them.
      -femtobyte

  2. Bunker by ISoldat53 · · Score: 5, Funny

    The summary makes it sound like the Cyberbunker is a physical location. If so, a wire cutter should cut off it's access to the inter webs.

    1. Re:Bunker by KiloByte · · Score: 5, Interesting

      Except that this bunker has an air reprocessing center. It's a whole underground complex, meant to house a part of NATO's command center in the event of a thermonuclear war.

      On the other hand, cutting the network cable would indeed render the criminals inside nice and fluffy, with a self-inflicted prison sentence if they decide to refuse to go out. They already resisted police raids twice, including once by a SWAT team.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:Bunker by 50000BTU_barbecue · · Score: 5, Funny

      If they're atheist bombs, you don't deliver them by USPS.

      --
      Mostly random stuff.
    3. Re:Bunker by GreenTom · · Score: 5, Insightful

      I don't know..I'm not a combat engineer, but I don't think any bunker can last long if determined professionals are allowed to freely operate outside it. "nuclear bunker" means certain things about tolerance to over pressure, shock, contaminated air, etc., but doesn't do all that much against people with jackhammers and drills. The wikipedia page says the cyberbunker has 5 meter thick reinforced concrete walls, which would probably keep you and me out, but I'm sure can be defeated in time with civil engineering equipment. Beyond that, if you've got guys who know what they're doing poking around outside the bunker, there's whole worlds of things they can do.

      These Danish cyberbunker people seem to share a mindset with the U.S. Ruby Ridge crowd, and they're both wrong. Making yourself an immobile target and defying state power in a developed nation really only has two outcomes: either you're not enough of a nuisance to provoke action, or you get crushed.

  3. don't RTFA by slashmydots · · Score: 5, Funny

    WARNING: if you attempt to RTFA, you will also be bombarded by a DDOS of spam ads. I appreciate the realism but it's kinda annoying.

  4. Alleged attempts to enter the bunker by force. by Gorath99 · · Score: 5, Informative
    From the summary:

    Dutch authorities and the police have made several attempts to enter the bunker by force but failed to do so.

    From TFA:

    Cyberbunker brags on its Web site that it has been a frequent target of law enforcement because of its “many controversial customers.” The company claims that at one point it fended off a Dutch SWAT team. “Dutch authorities and the police have made several attempts to enter the bunker by force,” the site said. “None of these attempts were successful.”

    In other words: Cyberbunker is not currently under assault by police, and we have only their word that they ever have been. I suspect that at one time they were successful in having visiting cops think nobody was home by being real quiet and quickly turning off all the lights.

    1. Re:Alleged attempts to enter the bunker by force. by 1u3hr · · Score: 5, Informative

      You realize Cyberbunker is situated in a bunker designed to survive a nuclear war.

      You don't have to kill them. Just unplugging their Internet connection would be enough, Then padlock the door and wait till they knock on it and ask to be let out. How long could that be? A week at the outside?

      I don't believe the bullshit about then fending off SWAT teams anyway. That's what they say on their own website. No government really cares about spam enough to send in a SWAT team. It's all "protected commercial speech", and plenty of assholes in government are happy to let them do it. If they gave a shit, they know who is DDOSing and exactly where they are. They could arrest them. Freeze their bank accounts. Turn off their electricity, water. But they do nothing.

  5. Important bit missing from a bad summary by 93+Escort+Wagon · · Score: 5, Interesting

    From TFA:

    Cyberbunker brags on its Web site that it has been a frequent target of law enforcement because of its “many controversial customers.” The company claims that at one point it fended off a Dutch SWAT team.

    The only mention of "Dutch authorities and police" comes from the Cyberbunker company itself. The article is badly written, so it's not completely clear (from the context) whether or this claim is related to the current dDOS the company is running. The writer doesn't appear to have talked to anyone in Holland - except perhaps the self-styled spokesman for Cyberpunker.

    --
    #DeleteChrome
  6. So.... by benjfowler · · Score: 5, Informative

    Who'd they piss off?

    Spamhaus must be costing somebody (or some people) a LOT of money to draw such a massive attack.

    I admire their balls -- Spamhaus are fighting serious and organised criminals, people who are perfectly capable of raping and murdering folks who get in their way. It wasn't so long ago that the Russian mafia targeted a Russian security specialist by kidnapping his daughter, raping her, injecting her with heroin and selling her into slavery.

    They are not very nice people at all, and shouldn't be fucked around with. Picking fights with organised criminals should be left to law enforcement.

  7. better articld by WGFCrafty · · Score: 5, Informative

    http://bbc.co.uk/news/technology-21954636

    No b/s subscription paywall nonsense

  8. Spamhaus and the spam problem by MrMickS · · Score: 5, Interesting

    From TFA:

    “Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet,” Mr. Kamphuis said. “They worked themselves into that position by pretending to fight spam.”

    I'd rather not have to consult Spamhaus blacklists on my mail servers to block incoming email. I know that if I removed it my bandwidth would be clogged and the amount of work done by my servers to deal with spam would increase many fold. So I use Spamhaus blacklists and it makes me feel dirty. It's the wrong solution to the problem of spam. Surely we should be able to come up with something better.

    Spamhaus has been going for 15 years. Look at the other technological advances in that time why don't we have an effective, agreed upon, resolution to the problem of spam? Perhaps the best thing would be for Spamhaus to shut up shop, to stop providing the DNS lists. For mail servers to stop filtering and marking the spam. Let the size of the problem manifest itself. Perhaps then we will get a concerted effort to stop it rather than mitigate the impact.

    --
    You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
  9. Re:Evidence? by MrMickS · · Score: 5, Interesting

    Item 1: The DDOS began after Cyberbunker IPs were added to the black lists.

    Item 2: Cyberbunker have a policy saying that they won't look at your servers and don't care what you do. Pretty much a green-light for spammers.

    Item 3: The internet activist stating that the DDOS is in response to the blacklisting.

    The circumstantial evidence points towards the attacks as being the result of the action Spamhaus took with respect to Cyberbunker. Its unlikely to be the company themselves, but rather at the instigation of one of their customers. The interesting thing is that you can find reports from 2011 (http://www.theregister.co.uk/2011/10/20/spamhaus_a2b_row/) where Spamhaus say that Cyberbunker were on the blacklist then with no prospect of being removed. What has happened in the meantime?

    --
    You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
  10. Spamhaus reports, _users_ block by Onymous+Coward · · Score: 5, Informative

    The different lists published by Spamhaus distinguish whether the IPs are directly responsible or are organizationally related. There is no abuse of power here — customers subscribe to the lists that they want, and use those lists to block as they see fit. Spamhaus isn't forcing anyone to use the lists, nor is it misrepresenting what's in the lists.