Nov15
Historic Hacks: Spamhaus

You may have noticed that today’s Historic Hack title is a little bit different. Today we are featuring the target rather than the attacker, because the attacker is still unknown. In this installment of Historic Hack, we will look at Spamhaus as the target of one of the biggest DDoS attacks in internet history.

DDoS to chaos

In 2013, the internet as a whole slowed down as a Distributed Denial of Service (DDoS) attack was aimed at Spamhaus, a non-profit organization created to track spam. It is likely that Spamhaus was targeted because they work to provide much of the information that creates the backbone of anti-spam filtering found online. Spamhaus’s volunteers patrol the entire internet for spammers to publish a list of servers used to send spam. Their work helps system admins filter those spammy messages we don’t want to see in our inbox.

Because Spamhaus is responsible for blacklists that restrict domains, it’s no surprise that they were targeted for an attack. According to Cloudflare, “Spamhaus’s blocklists are distributed via DNS and there is a long list of volunteer organizations that mirror their DNS infrastructure in order to ensure it is resilient to attacks.” Dozens of hijacked computers were used to send repeated signals at an unprecedented rate and volume directly to Spamhaus’s network. These signals were used to jam up the traffic and cause a complete slowdown of the internet. The attack was so intense that it shut down some areas of the internet completely.

Perpetrators of the Spamhaus attack used hundreds of domain name servers to amplify the repeated signals, reaching data floods of up to 300 gigabits per second. At this magnitude, networks become so overloaded that they shut down entirely. As a result, Spamhaus was completely overwhelmed and had no choice but to reach out to a Content Delivery Network (CDN) for assistance in mitigating the attack. The internet had never seen an attack of this volume before, and it is known as one of the largest DDoS attacks in history.

Cloudflare to the rescue

You can see Cloudflare’s entire narrative of this historic day on their website. However, the condensed version is as follows:

In March of 2013, Spamhaus contacted Cloudflare with an urgent SOS. The content delivery firm quickly responded to attempt to mitigate the threat. When Spamhaus made the call, they had no concept of the size of the attack they were facing. The Layer 3 attack had completely saturated the network. The DDoS attack then targeted Cloudflare itself, causing even more mayhem than anticipated. By targeting a CDN, traffic across the world was also affected.

As the threat grew, Cloudflare had to quickly get creative in how it dealt with this attack. They ended up recording over 30,000 unique DNS resolvers in the attack. Things calmed initially, but after a few days, the attack was reinforced with extra vigor. Ultimately, Cloudflare was able to load balance the attack until the event ended. What occurred made history as the largest DDoS attack seen to that date.

This article was brought to you by VPS.net, for dedicated server hosting, cloud servers and 24/7 support visit our site here vps.net
