I’m not celebrating… simply stating a fact. This morning the Washington Post reported that the Israeli anti-spamming service Blue Security has thrown in the towel. Blue Security’s approach was unique to say the least: they spammed the spammers. When a spammer sent emails to a Blue Security customer, Blue Security responded with an automated “take me offa list” sort of message. Considering that spammers send out millions of emails a day, the automated replies were designed to act like a DDoS attack, shutting down spam operations and hitting the spammers where it hurts: their pocket books.
But when you fight fire with fire, sometimes you get burned. Blue Security could dish it out, but they weren’t set up to take it. Earlier this month, they felt the full force of an attack by a (purportedly) Russian spammer, known as PharmaMaster, who shut down the Blue Security website, several webhosts, and a blog network. According to comments in a Wired article made by Blue Security’s CEO Eran Reshef, Mr. Pharma somehow gained access to a top-level ISP and simply prevented traffic from reaching their site. The pro-spammer attack was well-coordinated. It was preceded by email threats sent to Blue Security customers and followed up with DDoS attacks against sites associated with Blue Security, which included a DNS provider, Tucows, which manages Blue Security’s website and the Six Apart blog network. According to Reshef in the Post article, Blue Security was never prepared to be involved in an online war. And so they’ve officially closed their doors.
Spam is more than just an every day annoyance. It’s a multimillion dollar industry supported by extortion, bribery and threats. Spammers are gangsters. Spam is organized crime. It’s a hard pill to swallow if you live in a world of happy computer users and happy spam filters. Blue Security’s resignation isn’t just a failed attempt to strike back at spam. It’s a window into the character of spamming organizations. It shows that they are smart, organized, cunning, and will go to almost any length to defend themselves. Blue Security’s service wasn’t designed as an engine of war. It was only designed to do one thing: spam the spammers. So Reshef was right, having been unprepared for battle, he should flee.
But while Blue Security is now gone, the fact that SeÃƒÂ±or Pharma responded to their attacks with a multi-front counter attack should be a reminder that spam can’t be countered by a single strategy. It will take an effort just as organized, just as multifaceted, and just as international as the spam organizations themselves. A proactive anti-spam initiative needs to include more than just online filters, or online countermeasures. It also needs to include legal, law enforcement, and investigative measures.