The anti-spam venture embroiled in a denial-of-service attack that brought down millions of blogs two weeks ago has closed shop. One observer wonders why Blue Security wasn't better prepared.
The anti-spam venture embroiled in a denial-of-service attack that brought down millions of blogs two weeks ago has thrown in the towel. Wednesday morning, Israeli-based Blue Security posted a message on its site -- now offline -- that it is shutting down operations.
Blue Security, which debuted its spam-fighting service last summerand built up a user base of more than 500,000, decided to wave the white flag after its servers were knocked offline by an aggressive denial-of-service (DoS) attack it claimed was launched by a deep-pocket Russian spammer tagged as "PharmaMaster."
May 3, in an attempt to get out the word about the DoS, Blue Security repointed its domain to an unused blog on Six Apart's TypePad blogging service. Within minutes, PharmaMaster attacked the blog with another DoS, which brought down Six Apart and left millions without access to their blogs. Blue Security's domain name service provider, Tucows, was also hit with a DoS and knocked offline for several hours; Tucows going down took thousands of Web sites it hosts with it.
Wednesday, Blue Security said it had to give up because it couldn't sustain the fight against spammers. "Several leading spammers viewed [us] as a strategic threat to their spam business," Eran Reshef, Blue Security chief executive wrote in the message posted to the company's site.
"After recovering from the attack, we determined that once we reactivated the Blue Community, spammers would resume their attacks. We cannot take the responsibility for an ever-escalating cyber war through our continued operations.
"As much as it saddens us, we believe this is the responsible thing to do," said Reshef, who did not respond to an e-mail requesting additional comment. Later Wednesday, a spokesman said that the company would not be making any additional statements beyond the message on its site.
"I'm not surprised that they shut down," said Todd Underwood, chief of operations and security at Manchester, N.H.-based Renesys, an Internet monitoring and routing analysis firm. "People who go after spammers get attacked by spammers."
Underwood added that although Blue Security was doomed to fail, it should have been able to weather these first rounds of attacks. "It was apparent how ill-prepared they were to deal with a DoS attack. They could have lasted a lot longer if they had been prepared."
Reshef admitted as much after the URL redirection brought down TypePad. "It wasn't the best decision to reroute traffic to TypePad," Reshelf said then.
Blue Security's model -- an automated agent sent an opt-out request in a tit-for-tat whenever a user received a spam message -- could only have worked if it accumulated a base large enough that spammers would find it impossible to strike back, Underwood argued.
Its surrender, though regrettable, was the right decision. "It was always clear that they would subject innocent users to attacks. There's simply no way to directly attack spammers that doesn't risk significant collateral damage," Underwood concluded.
Currently, Blue Security's Web site is offline. It's not clear, however, whether the situation is temporary, or if the company has closed the site for good.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.