THE HAGUE, Netherlands – A Dutch citizen has been arrested in Spain in connection with what experts described as the biggest cyberattack in the history of the Internet, one launched against an anti-spam watchdog group last month, prosecutors announced Friday.
The Netherlands National Prosecution Office said a 35-year-old suspect it identified only by his initials, S.K., was arrested Thursday at his home in Barcelona. Authorities also seized computers and mobile phones. Dutch prosecutors do not release full names of suspects, in line with privacy laws.
According to a prosecution statement, the man is suspected of “unprecedentedly serious attacks on the non-profit organization Spamhaus.” He was held on a European arrest warrant and is expected to be extradited to the Netherlands to face justice.
The so-called denial-of-service attack on Spamhaus fired a torrent of data at the organization’s servers and was blamed for other disruptions online. Dutch banks and an electronic payment service also have been hit by similar attacks in recent weeks, but prosecutors say they do not believe they are linked to the Spamhaus incident
Spamhaus, a site responsible for keeping ads for counterfeit Viagra and bogus weight-loss pills out of the world’s inboxes, said it apparently was targeted by groups angry at being blacklisted by the Swiss-British group.
Prosecutors said the cyberattack also hit “partners” of Spamhaus in the United States, the Netherlands and Britain.
At the time, Vincent Hanna, a researcher with Spamhaus, called it a “small miracle” the organization had remained online during the cyber onslaught.
Denial-of-service attacks overwhelm a server with traffic — like hundreds of letters being jammed through a mail slot at the same time. Security experts measure those attacks in bits of data per second. Recent cyberattacks — such as the ones that caused persistent outages at U.S. banking sites late last year — have tended to peak at 100 billion bits per second.
But the assault on Spamhaus shattered the charts, clocking in at 300 billion bits per second, according to San Francisco-based CloudFlare Inc., which Spamhaus enlisted to help it weather the attack.