The Largest DDoS Attack That Almost Took Down The Internet
Well, we were all pretty upset with our internet speeds over the last several days and were probably blaming our service providers. But the fault lies not with your service provider but with a DoS attack that dampened the internet throughout the globe.
Recently, the largest DDoS attack in the history of the internet was observed. According to reports from various websites, the attack was more than 300 GB/second. It all started when Spamhaus (a non-profit organization), which manages the spam filters for various websites, blacklisted a Dutch-based web hosting company, Cyberbunker. Cyberbunker allows a user to host anything other than child pornography and material related to terrorism. This allows an attacker to host any malicious software, such as a botnet. A botnet can be used for a variety of purposes, ranging from stealing credit card information and infecting PCs to denial-of-service attacks.
In an interview with the BBC, Spamhaus blamed Cyberbunker for the ongoing attacks; they said that Cyberbunker had joined hands with attackers to perform DDoS attacks in order to compromise availability.
The attack was a denial-of-service attack, which attackers often use to compromise the availability of a website by flooding it with a huge number of packets (in most cases). The DDoS attack was aimed at the DNS servers of Spamhaus. A DNS server is responsible for the translation of an IP address to a domain name. In simple words, when we access any website on the internet, on the back end we are actually accessing an IP address; DNS simplifies the process.
Experts call the attack the biggest DDoS attack in the history of the internet. Normally, when we talk about a massive DDoS attack against huge infrastructures, it ranges from 30 to 50 GB per second of traffic; however, this attack was more than 300 Gbps of traffic. The company moved to Cloudflare (a web performance and security company) in order to protect their services from being taken down. Initially they were receiving 10 Gbps of traffic, but the attack got even worse, and the highest peak noted was around 300 Gbps. However, instead of going after Spamhaus, the attackers targeted Cloudflare itself. The attackers failed to knock out Cloudflare's servers even after 100 gigs of traffic; after that they targeted Cloudflare's bandwidth providers, known as "Tier2", who themselves buy bandwidth from Tier1 providers. The major traffic load was carried by Tier1, which reported more than 300 Gbps of traffic, making it the largest DDoS attack ever.
Now, one might ask: how does this slow down the internet? It is because of how the internet works; the internet is simply a collection of networks. Let's say we are connecting to google.com from Pakistan: our browser sends an HTTP request, and the packets it sends and receives hop across many routers and networks in between until they reach the Google servers. As mentioned previously, Tier2 buys bandwidth from Tier1, and Tier1 providers connect to other Tier1 providers to ensure that all the networks are connected with each other. Tier1 providers are the core of the internet, and the Tier1 providers ended up suffering all the traffic. Cloudflare reported that Tier1 providers for Europe were affected, as a result of which an internet slowdown was noticed by people surfing the internet in those areas.
The whole internet would have been compromised if those bandwidth providers had lost their footing...