Blue Security Gives Up, Spammer Wins - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
5/17/2006
02:10 PM
50%
50%

Blue Security Gives Up, Spammer Wins

The anti-spam venture embroiled in a denial-of-service attack that brought down millions of blogs two weeks ago has closed shop. One observer wonders why Blue Security wasn't better prepared.

The anti-spam venture embroiled in a denial-of-service attack that brought down millions of blogs two weeks ago has thrown in the towel. Wednesday morning, Israeli-based Blue Security posted a message on its site -- now offline -- that it is shutting down operations.

Blue Security, which debuted its spam-fighting service last summerand built up a user base of more than 500,000, decided to wave the white flag after its servers were knocked offline by an aggressive denial-of-service (DoS) attack it claimed was launched by a deep-pocket Russian spammer tagged as "PharmaMaster."

May 3, in an attempt to get out the word about the DoS, Blue Security repointed its domain to an unused blog on Six Apart's TypePad blogging service. Within minutes, PharmaMaster attacked the blog with another DoS, which brought down Six Apart and left millions without access to their blogs. Blue Security's domain name service provider, Tucows, was also hit with a DoS and knocked offline for several hours; Tucows going down took thousands of Web sites it hosts with it.

Wednesday, Blue Security said it had to give up because it couldn't sustain the fight against spammers. "Several leading spammers viewed [us] as a strategic threat to their spam business," Eran Reshef, Blue Security chief executive wrote in the message posted to the company's site.

"After recovering from the attack, we determined that once we reactivated the Blue Community, spammers would resume their attacks. We cannot take the responsibility for an ever-escalating cyber war through our continued operations.

"As much as it saddens us, we believe this is the responsible thing to do," said Reshef, who did not respond to an e-mail requesting additional comment. Later Wednesday, a spokesman said that the company would not be making any additional statements beyond the message on its site.

"I'm not surprised that they shut down," said Todd Underwood, chief of operations and security at Manchester, N.H.-based Renesys, an Internet monitoring and routing analysis firm. "People who go after spammers get attacked by spammers."

Underwood added that although Blue Security was doomed to fail, it should have been able to weather these first rounds of attacks. "It was apparent how ill-prepared they were to deal with a DoS attack. They could have lasted a lot longer if they had been prepared."

Reshef admitted as much after the URL redirection brought down TypePad. "It wasn't the best decision to reroute traffic to TypePad," Reshelf said then.

Blue Security's model -- an automated agent sent an opt-out request in a tit-for-tat whenever a user received a spam message -- could only have worked if it accumulated a base large enough that spammers would find it impossible to strike back, Underwood argued.

Its surrender, though regrettable, was the right decision. "It was always clear that they would subject innocent users to attacks. There's simply no way to directly attack spammers that doesn't risk significant collateral damage," Underwood concluded.

Currently, Blue Security's Web site is offline. It's not clear, however, whether the situation is temporary, or if the company has closed the site for good.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
Slideshows
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll