Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Vblock™ Systems:
Advanced converged infrastructure
increases productivity & lowers costs.

www.vce.com
Network Security
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Dutch Man Held in Huge DDoS Attack that Slowed Internet
Dutch Man Held in Huge DDoS Attack that Slowed Internet

By Jennifer LeClaire
April 29, 2013 1:44PM

    Bookmark and Share
A Dutch man has been arrested in Spain, allegedly for participating in the DDoS attack on Spamhaus by CyberBunker, an ISP. "I believe that we may have been lucky in this case, but we cannot rely on reactive measures to stop these attacks," said security analyst David Britton. "We must be putting layers in place to prevent them from disrupting business."
 


Police in Barcelona, Spain, arrested a Dutch man on Friday at the request of Netherlands police, who say he launched "unprecedented heavy attacks on the non-profit organization Spamhaus," which tracks the Internet's worst spammers.

Dutch prosecutors identified the suspect as S.K., and some news outlets reported his name as Sven Olaf Kamphuis, 35. He is expected to be sent to the Netherlands.

Kamphuis had previously been identified as a spokesman for CyberBunker, which is accused of a massive distributed denial of service attack against Spamhaus in late March. CyberBunker was on the Spamhaus list of notorious spammers and supposedly launched the DDoS attacks in retaliation.

The attacks, which made use of legitimate Internet DNS servers to flood systems with spurious traffic, slowed large portions of the Internet, and at the time was called the biggest cyberattack in history.

Some security researchers later questioned whether CyberBunker's move was just a public-relations stunt. Others say this signals the beginning of a new wave of such attacks.

Good News, Bad News

David Britton, vice president of Industry Solutions at 41st Parameter, said there is good news and bad news with the arrest. The good news is that the authorities may have removed one perpetrator from the mix. The bad news is that there are many more out there who are acting with impunity.

"I believe that we may have been lucky in this case, but we cannot rely on reactive measures to stop these attacks," Britton said. "We must be putting layers in place to prevent them from disrupting business on the front end."

Britton also pointed to DDoS attacks being used to create a diversion within the financial services industry. He offers an example: While the sites are down, fraudsters will submit a large number of wire transfers so when the site is back up the system is overloaded with pending transactions, and they are forced to process them without running the proper fraud screening.

"With the increased volume of these types of sophisticated attacks, and the sheer size of the attacks, it is clear that organizations must use all tools at their disposal to fend off attackers," Britton told us. "This includes not just the traditional firewall systems that must be in place, but leveraging tools that can also deflect the traffic that is being routed at the application layer, designed to simulate legitimate application traffic."

ISP Involvement Needed

Alex Horan, a senior product manager at Core Security, said the levels of data sent in this DDoS attack were some of the highest ever seen. And, he added, if that is a sign of the levels that are possible in the future, organizations need to revisit how they expected to handle a DDoS attack against their servers.

"The fact is they cannot be expected to handle it alone. The key is to move attack detection and defense as close to the attacking machines as possible," Horan told us. "Ideally, the ISPs of the attacking parties, most of whom probably don't even know their compromised machines are participating in the attack, would drop the traffic before it even gets out onto the Internet proper. The further onto the Internet this traffic gets, the greater an effect it has."

As Horan sees it, ISPs should do this -- and potentially the legislative bodies of the countries they reside on, to take proactive action. They must analyze and filter this traffic in response to requests by the ISPs hosting the servers being attacked. Until there is this coordinated response, he said, DDoS attacks will keep being a threat to legitimate servers on the Internet.
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Network Security
1.   Lessons from Verizon's Threat Report
2.   Verizon Report Exposes Cyberthreats
3.   How Are Web Sites Post-Heartbleed?
4.   White House Updating Privacy Policy
5.   Target Hackers May Be Tough To Find


advertisement
How Are Web Sites Post-Heartbleed?
Questions on open source, security.
Average Rating:
Heartbleed Exploit Could Cost Millions
But it could have been prevented.
Average Rating:
Michaels: Nearly 3M Cards Breached
But the hack has been contained.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Where Do Web Sites Stand, Post-Heartbleed?
A security firm says the vast majority of Web sites have patched themselves to protect against the Heartbleed bug, but now there are questions raised on the reliability of open-source programs.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.