Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
GET RECOGNIZED.
Let an ISACA® certification
elevate your career.

Register today and save
Cybercrime
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Dutch Man Held in Huge DDoS Attack that Slowed Internet
Dutch Man Held in Huge DDoS Attack that Slowed Internet

By Jennifer LeClaire
April 29, 2013 1:44PM

Bookmark and Share
A Dutch man has been arrested in Spain, allegedly for participating in the DDoS attack on Spamhaus by CyberBunker, an ISP. "I believe that we may have been lucky in this case, but we cannot rely on reactive measures to stop these attacks," said security analyst David Britton. "We must be putting layers in place to prevent them from disrupting business."
 


Police in Barcelona, Spain, arrested a Dutch man on Friday at the request of Netherlands police, who say he launched "unprecedented heavy attacks on the non-profit organization Spamhaus," which tracks the Internet's worst spammers.

Dutch prosecutors identified the suspect as S.K., and some news outlets reported his name as Sven Olaf Kamphuis, 35. He is expected to be sent to the Netherlands.

Kamphuis had previously been identified as a spokesman for CyberBunker, which is accused of a massive distributed denial of service attack against Spamhaus in late March. CyberBunker was on the Spamhaus list of notorious spammers and supposedly launched the DDoS attacks in retaliation.

The attacks, which made use of legitimate Internet DNS servers to flood systems with spurious traffic, slowed large portions of the Internet, and at the time was called the biggest cyberattack in history.

Some security researchers later questioned whether CyberBunker's move was just a public-relations stunt. Others say this signals the beginning of a new wave of such attacks.

Good News, Bad News

David Britton, vice president of Industry Solutions at 41st Parameter, said there is good news and bad news with the arrest. The good news is that the authorities may have removed one perpetrator from the mix. The bad news is that there are many more out there who are acting with impunity.

"I believe that we may have been lucky in this case, but we cannot rely on reactive measures to stop these attacks," Britton said. "We must be putting layers in place to prevent them from disrupting business on the front end."

Britton also pointed to DDoS attacks being used to create a diversion within the financial services industry. He offers an example: While the sites are down, fraudsters will submit a large number of wire transfers so when the site is back up the system is overloaded with pending transactions, and they are forced to process them without running the proper fraud screening.

"With the increased volume of these types of sophisticated attacks, and the sheer size of the attacks, it is clear that organizations must use all tools at their disposal to fend off attackers," Britton told us. "This includes not just the traditional firewall systems that must be in place, but leveraging tools that can also deflect the traffic that is being routed at the application layer, designed to simulate legitimate application traffic."

ISP Involvement Needed

Alex Horan, a senior product manager at Core Security, said the levels of data sent in this DDoS attack were some of the highest ever seen. And, he added, if that is a sign of the levels that are possible in the future, organizations need to revisit how they expected to handle a DDoS attack against their servers.

"The fact is they cannot be expected to handle it alone. The key is to move attack detection and defense as close to the attacking machines as possible," Horan told us. "Ideally, the ISPs of the attacking parties, most of whom probably don't even know their compromised machines are participating in the attack, would drop the traffic before it even gets out onto the Internet proper. The further onto the Internet this traffic gets, the greater an effect it has."

As Horan sees it, ISPs should do this -- and potentially the legislative bodies of the countries they reside on, to take proactive action. They must analyze and filter this traffic in response to requests by the ISPs hosting the servers being attacked. Until there is this coordinated response, he said, DDoS attacks will keep being a threat to legitimate servers on the Internet.
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Cybercrime
1.   Banks Hit by Android-Skirting Malware
2.   Can Google Stop Zero Day Flaws?
3.   Russian Hackers Attack CNET
4.   FBI Cyber-Expert's Humble Start
5.   Chinese Man Charged with Hacking


advertisement
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:
Can Google Stop Zero Day Flaws?
Security top priority for search giant.
Average Rating:
Russian Hackers Attack CNET
Getting to the bottom of exploit is key.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 
New Web Tracking Technologies Defeat Privacy Protections
Recently developed Web tracking tools are able to circumvent even the best privacy defenses, according to a new study by researchers at Princeton and the University of Leuven in Belgium.
 
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.