The EU cyber-security agency, ENISA, analyses the recent massive cyber-attack on Spamhaus-- and concludes ISPs still lack well-known security measures available for over 10 years.
Such an error is a key factor behind the failure to counter major attacks, the agency says in the "Can Recent Cyber Attacks Really Threaten Internet Availability?" information flash note.
The note analyses the recent attack against spam filtration firm Spamhaus, one described as "the biggest attack in history." The massive DDoS attack was over 1 week long, caused problems at the London Internet Exchange and slowed internet access in the UK, Germany and other W. European countries.
While crude in technique, DDoS attacks remain effective-- and according to ENISA many ISPs fail to comply with Best Current Practice 38 (BCP38), a recommendations list nearly 13-years old. Read more...