Tag Archives: BBC

Real Mafia War Online; Could Crash the Global Internet

Last week econoTwist’s reported on what most likely was tha largest cyber attack on US banks, ever. Now, it turns out, that it was only the beginning of something much larger – and even more scarier – the largest computer attack in the history of the Internet. The biggest DDoS attack ever recorded is said to be  jamming crucial infrastructure all over the world and causing widespread congestion. But this has nothing to do with the Anonymous or other online activists – this is in fact the first full-blown real mafia war online we’ve ever seen. I’m afraid it won’t be the last.

“These guys are just mad.”

Patrick Gilmore

mafia-wars-wallpaper

According to BBC, five national cyber-police-forces are investigating the attacks. The attackers have used a well-known  tactic called “Distributed Denial of Service (DDoS),” which floods the intended target with large amounts of traffic in an attempt to render it unreachable. But they have also found a way to amplify the effect, creating a data-tsunami of 300 gigabyte per second – three times larger than any DDoS attack we’ve seen before.

The intended main target appears to be Spamhaus, a European organization that maintains a blacklist of ISPs that supposedly host “spam gangs” and who refuse to stop serving them as customers.

Spammers are – plain and simple – the marketeers of organized crime, making it possible for counterfeit products, medicine and illegal (child) pornography to reach potential customers worldwide. They are the “street pushers” of internet dope.

And the competition seems to have reached  a whole new level.

wp7As you can imagine, Spamhaus has no shortage of enemies, given its line of business. But most rumors point to the Dutch spammer CyberBunker who that prides in hosting anything –  except terrorist material and child pornography. Cyberbunker brags on its Web site that it has been a frequent target of law enforcement because of its “many controversial customers.” The company also claims that at one point it fended off a Dutch SWAT team“Dutch authorities and the police have made several attempts to enter the bunker by force,” the site says. “None of these attempts were successful.”

However, up until now these cyber cowboys have fought their internal battles mostly by blocking each others traffic. But this time the Dutch were really, really angry.

Sven Olaf Kamphuis, an Internet activist who claims he is a spokesman for the attackers, says in an online message to The New York Times that  Cyberbunker was retaliating against Spamhaus for “abusing their influence.” 

according to the NYT, they got help from Eastern European and Russian gangs.

“Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet. They worked themselves into that position by pretending to fight spam,” Mr. Kamphuis says.

Spamhaus is pretty resilient, as its own network is distributed across many countries, but the attack was still enough to knock its site offline on March 18. A spokesman for Spamhaus says the attacks began on March 19, but have so far not stopped the group from distributing its blacklist.

Patrick Gilmore, chief architect at Akamai Technologies, confirms Spamhaus’s role as generator of Internet spammer lists.

Commenting on Cyberbunker, he says: “These guys are just mad. To be frank, they got caught. They think they should be allowed to spam.”

Mr. Gilmore also explains that the attacks consists of concentrate data streams that are larger than the Internet connections of entire countries.

He compares the technique to using a machine gun to spray an entire crowd when the intent is to kill one single person.

If you want to read what the involved parties have to say for themselves – here are some links:

Amplified Attack

What makes this case specially interesting (and disturbing) is that the cyber criminals seems to have found a way to amplify the attacks.

Professor Alan Woodward of the University of Surrey, one of the UK’s premier computer security experts, says that the attack “seems to be orders of magnitude larger than anything seen before,” and highlights the technique that’s been used.

“The thing that got people talking is that it’s a DNS amplification attack. The point is, if you’re targeting something and  the target has a 10 Gbps switch, you only have to throw 11 Gbps at it and you’ve pole-axed the system. If it is at 300 Gbps, then potentially some of the main infrastructure is being affected, though I’m not sure how much it’s really affecting it.”

The company that Spamhouse called for help, (Cloudflare), provides an even more detailed explanation:

“The largest source of attack traffic against Spamhaus came from DNS reflection… This method has become the source of the largest Layer 3 DDoS attacks we see (sometimes well exceeding 100Gbps). Open DNS resolvers are quickly becoming the scourge of the Internet and the size of these attacks will only continue to rise until all providers make a concerted effort to close them…”

“The basic technique of a DNS reflection attack is to send a request for a large DNS zone file with the source IP address spoofed to be the intended victim to a large number of open DNS resolvers. The resolvers then respond to the request, sending the large DNS zone answer to the intended victim. The attackers’ requests themselves are only a fraction of the size of the responses, meaning the attacker can effectively amplify their attack to many times the size of the bandwidth resources they themselves control.”

Exactly, How Dangerous?

Steve Linford, chief executive for Spamhaus, says that this kind of attack power would be strong enough to take down government internet infrastructure.

“If you aimed this at Downing Street they would be down instantly, They would be completely off the internet.”

“They are targeting every part of the internet infrastructure that they feel can be brought down,” Mr Linford says.

“There’s certainly possibility for some collateral damage to other services along the way, depending on what that infrastructure looks like,” says Dan Holden,  director of security research at Arbor Networks.

“If it was done really seriously in a wider attack, then it could affect many users. Trying to take down the whole internet is impractical, but you could start to decapitate sections of it,” Professor Alan Woodward says, according to gigaom.com.

medium_complicated_censoredSo, just to summarize:

  • We now have local police trawling Facebook in search of gang activity.
  • The FBI is busy chasing trolls who mocks them by hacking their computers.
  • Governments are making laws to forbid people from speaking their mind on their personal blogs.
  • Meanwhile, the really dangerous cyber criminals are experimenting with new cyber weapons with unimaginable destruction power. 

4 Comments

Filed under Laws and Regulations, Technology

Here: The Economy Parody Songbook 2011

http://www.versusplus.com is out with their annual collection of economy parody songs; “The Versusplus Holiday Songbook”. Their combination of economic insight and musical talent makes the verusplus music videos of an exceptional high standard. Enjoy your holiday – and the songbook of 2011!

Spain is feeling smitten, France is feeling fried. Britain felling bitten, Wall Street occupied.”

VERSUSPLUS

It’s beginning to look a lot more riskless

You’ll find the whole songbook of 2011 here.

Hear also: font-family: Gallery;”>BBC interview of Marcy Shaffer & Jon Shayne/Merle Hazard from versusplus

Related by econoTwist’s:

MORE AT:

iRock

1 Comment

Filed under International Econnomic Politics, National Economic Politics, Philosophy

The Gaddafi Effect

The drama in Libya, accompanied by the rising oil prices, was naturally the center of investors attention Tuesday.  Libya is the world’s 12th largest producer of oil, and the third largest supplier to Europe, and a potential supply disruption would have a material effect on prices.

“As ex-colonial master Italy has stronger links than most, and the current Italian government has courted a two-way investment relationship with the Gaddafi regime.”

Gavan Nolan


The Markit iTraxx Europe widened to beyond 100 basis points Tuesday morning, hitting this level for the first time in nearly a month, though a slight decline in the oil price to $106 a barrel helped it recover mid-afternoon. Banks and sovereigns were relatively stable today, and it remains to be seen whether the upcoming Irish general election will be overshadowed by events further afield, Markit Financial Information report.

Risk aversion permeated the markets today as investors grappled with the implications of turmoil in the Middle East and North Africa.

After the revolutions in neighbouring Tunisia and Egypt, it now seems that Libya is the next most likely country to see a forced change in government.

The protests have been met with a violent response by the Gaddafi regime, prompting widespread condemnation from world leaders. Senior figures from the government, including the justice minister and ambassadors to the US and UN, have abandoned Gaddafi, according to reports.

“The unrest had a predictable effect on other MENA sovereign spreads, i.e. widening. Libya itself doesn’t trade in the CDS market (no debt outstanding) but Morocco, a more liberal North African country, does. Its spreads widened beyond 200bp today, approaching the levels it reached at the peak of the “Jasmine Revolution” in Tunisia late last month,” credit analyst Gavan Nolan at Markit writes in his daily summary. Adding: “In contrast to the highly autocratic Libya, Morocco does have some level of democracy and is a constitutional monarchy. But protests have still broken out in recent days, with groups as diverse as trade unionists and Islamic fundamentalists calling for less corruption and more press freedom – a reminder that democracy is more than elections.”

Western investors the primary concern was the rising price of oil. Brent crude – now considered a better gauge of global demand due to supply issues for WTI – hit $108 a barrel last night.

Libya is the world’s 12th largest producer of oil, and the third largest supplier to Europe, and a potential supply disruption would have a material effect on prices. Like most Arab countries, the national, state-owned oil firm is the major producer. But there are several western-firms that have operations in Libya, including joint ventures with the government.

“As ex-colonial master Italy has stronger links than most, and the current Italian government has courted a two-way investment relationship with the Gaddafi regime. Eni, the largest Italian oil company, has extensive production facilities in the country, as does Spanish firm Repsol. Both firm’s have seen spread widening this week, though the movements are relatively modest so far,” Nolan points out.

The energy and utilities sectors led the broader market wider, though again the movements weren’t dramatic.

The Markit iTraxx Europe widened to beyond 100 bp’s earlier this morning, the first time it has hit this level in nearly a month, though a slight decline in the oil price to $106 a barrel helped it recover mid-afternoon.

“Banks and sovereigns were relatively stable today, and it remains to be seen whether the upcoming Irish general election will be overshadowed by events further afield,” Gavan Nolan at Markit Credit Research concludes.

See also: Markit. Chart of the Day

Related by the Econotwist’s:

44 Comments

Filed under International Econnomic Politics