Kamphuis said that he didn't attack Spamhaus himself. The attacks came mainly from China and Russia, he said. "We have quite a few people in the group [Stophaus] that are in areas where it isn't such a problem to launch these kind of attacks."
CB3ROB and Cyberbunker did a "test" together to intercept traffic to Spamhaus' network, but that isn't a DDoS attack, Kamphuis said.
When CloudFlare was attacked, other websites went down too, but CloudFlare can't blame Stophaus for that, Kamphuis said. "They decided that it was a good idea to start hosting a company that is attacked by the biggest DDoS ever," he said.
"They can claim that we are destroying the Internet but we, the hosters, built the Internet," he said, adding that it is Spamhaus that is a "nuisance" for the Internet, not the other way around.
"Some people online claim that we are not accountable and can just 'censor' anything we want," said Vincent Hanna, a spokesperson for the Spamhaus Project, Wednesday via email. "This is obviously not the case. Not only do we have to operate within the boundaries of the law, we are also accountable to our users."
"If we started advising our users not to accept mail from certain places where they actually do want email from, they would be very quick to stop using our data because it's obviously not working right for them," he said. "We take pride in the quality of our data and the fact that the biggest ISPs and networks all over the world use our data is a big vouch to the quality of our data."
This was the biggest attack ever directed at Spamhaus, Hanna said. However, the organization is constantly under attack and tries to ensure that its users will continue to have access to its data, he said.
The core Internet infrastructure may certainly get overwhelmed by the amount of traffic involved in a large-scale attack, Hanna said. "When this happens other traffic may get impacted too. Compare it to a big highway: If the traffic jam gets big enough the on-ramps will slow down and fill up, and the roads to the on-ramps will fill up too."
The Dutch Public Prosecution Service has launched a criminal investigation into the DDoS attacks targeting Spamhaus after being notified by the Team High Tech Crime (THTC) of the Dutch Police, said spokesman Paul van der Zanden. There is enough cause for an investigation, he said.
(With reporting by Loek Essers in Amsterdam.)
Sign up for Computerworld eNewsletters.