How can a DDoS attack on a single company slow down the entire internet?

ernard

The news wires have been reporting the largest DDoS attack in history is taking place today against a company called Spamhaus. I haven't noticed much of an impact, but the news reports suggest that the effect is being felt by companies including Netflix. How can a single attack have such a wide impact?

Topic: Security
Answer this Question

Answers

3 total
jimlynch
Vote Up (13)

Here's a good overview of DDoS attacks.

Denial-of-service attack
http://en.wikipedia.org/wiki/Denial-of-service_attack

"In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.
Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. This technique has now seen extensive use in certain games, used by server owners, or disgruntled competitors on games such as Minecraft and League of Legends. The term is generally used relating to computer networks, but is not limited to this field; for example, it is also used in reference to CPU resource management.[1]

One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

Denial-of-service attacks are considered violations of the IAB's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers. They also commonly constitute violations of the laws of individual nations."

Christopher Nerney
Vote Up (13)

It's because the attackers worked their way upstream from the original target, as this ITworld article explains:

 

The attackers ultimately targeted Tier 1 providers, which operate the networks at the core of the Internet, and Internet Exchanges (IX), critical nodes located around the world that connect large networks like those of Google, Facebook, Yahoo and pretty much every major Internet company.

 

 

henyfoxe
Vote Up (10)

And cue conspiracy theories from The Guardian in 3.....2......1........conspiracy theory!

Ask a question

Join Now or Sign In to ask a question.
Almost 500,000 patient records have been hacked from the servers of the Harley Medical Group, the plastic surgery firm which has clinics across the UK.
Security researchers have found that many satellite communication systems have vulnerabilities and design flaws that can let remote attackers intercept, manipulate, block and in some cases take full control of critical communications.
The U.S. commercial drone industry is still struggling to get off the ground more than two years after President Obama signed into law a bill that permits the civilian use of unmanned aerial vehicles (UAV) over the country's airspace.
Sure, you’ve changed a bunch of passwords, but are you doing all you can to protect yourself?
About 2.6 million payment cards at Michaels Stores and another 400,000 at subsidiary Aaron Brothers may have been affected in a card skimming attack that compromised its point-of-sale systems, the retailer said Thursday.
National security may be at stake as private businesses try to manage a growing number of cyberthreats, but IT professionals shouldn't have to bear that burden alone.
Worried about how the Heartbleed vulnerability may affect your personal accounts? A new tool may be of help.
Whether it's the first time you've picked up an iPad or the seventeenth time you've pulled out your iPhone today, there are probably still some iOS 7 features and functionality that you're not familiar with. Don't sweat it: We're here to help. We've collected some of our favorite and most useful tips and compiled them here, just for you.
The Tor Project has flagged 380 Tor relays vulnerable to the critical Heartbleed flaw to be rejected from the Tor anonymity network, reducing the network's entry and exit capacity.
Cybercriminals have started using a sophisticated Android Trojan app designed for e-banking fraud to target Facebook users, possibly in an attempt to bypass the two-factor authentication protection on the social network.

White Papers & Webcasts

See more White Papers | Webcasts

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness