Did we just nearly break the internet? What the Spamhaus attack says about our security

By: John McGarvey

Date: 28 March 2013

If you noticed your internet connection slowing markedly yesterday, with some sites sluggish and others unavailable, for once it might not have been down to your broadband supplier.

That's because spam-fighting service Spamhaus was subjected to an enormous distributed denial of service (DDoS) attack.

It seems that Spamhaus blacklisted a controversial hosting provider, Cyberbunker, because its servers were apparently being used to send lots of spam. 'Friends' of Cyberbunker then bombarded Spamhaus with the biggest DDoS attack ever.

Are any of us innocent?

The incident spawned headlines like Global internet slows after 'biggest attack in history'. And with so much malicious data flying through the internet's wires, some innocent internet users found their service was disrupted as a result.

But how innocent are those internet users? Is our slack security as individuals partly to blame for the scale of the disruption?

It's an interesting question because this attack was coordinated using a huge 'botnet' of internet devices, including a large number of insecure broadband routers.

It's the exact threat experts recently warned us about, where hackers exploit weaknesses like default passwords to take control of these devices.

Your router is part of the problem

As more details of the Spamhaus attack emerge, we might get a better idea of what devices it involved. But as The Guardian reports, that innocent-looking router in the corner of your office could have been a part of the problem:

"Some of those requests will have been coming from UK users without their knowledge," said Blessing [an internet expert]. "If somebody has a badly configured broadband modem or router, anybody in the outside world can use it to redirect traffic and attack the target – in this case, Spamhaus."

Obviously, whoever initiated the attack is ultimately responsible. However, the scale of it was partly due to the vast number of insecure internet devices out there.

We're all to blame

So, who is to blame? Manufacturers who sell their products with inadequate security and don't properly explain how to beef it up? Internet service providers that make their routers less secure so they can log in remotely when they need to? IT administrators who don't update their software promptly?

Or is it all of them, and each of us too?

The internet is a decentralised, open network. That makes it very difficult for any single body to effectively police this type of incident, and means that we're collectively responsible for the internet's security.

Yesterday, we almost broke it. Perhaps it's time we all took the time to be more secure online.
