Via NeoWin.net…
We all hate Spam. One man hated spam so much that he started a company (Blue Security) to fight it. The manner in which he did it was brilliantly simple: simply ask the spammers to stop spamming his clients.
Okay, so it’s not quite that simple. Since those requests usually go unheeded (or even unread) he took a novel approach, instead of the having only client being spammed ask not to be spammed anymore, he had all of his clients ask that spammer not to be spammed… at the same time… all 522,000 of them.
This slowed down the spammer’s internet access and servers so much that it served as a DoS attack against them, preventing them from spending further spam. Consider this the internet equivalent of “fighting fire with fire.”
Funny thing: it actually worked. Spammers sat up and took notice and some even complied with the requests to stop spamming the clients.
Then the bad news: a spammer fought back, launching a huge DDos attack against this guy and his little Silicon Valley company. Using tens of thousands of hijacked computers, the spammer flooded him with so much internet traffic that it blocked legitimate visitors from going to even going to the site.
It gets worse — the spammer then sent an ominous message: cease all operations or Blue Security customers will soon find themselves targeted with virus-filled attacks. With this attack and threat, that (in my opinion) elevated this spammer from a nuisance to a Cyber Terrorist effecting interstate commerce.
The really bad news: the retaliation worked too — Blue Security today waved a virtual white flag and surrendered; the company shut down.
This sends the wrong message to cyber criminals: if your threat is big enough, and you appear to have the tools to make good on it (like a zombie bot-net at your disposal) — you win.
What we should probably do is something more dramatic: have security firms (such Blue Security, Norton, etc.) from a covert joint strike force — a crack commando unit surving as soldiers of fortune, as it were — to “apprehend” and “detain” these cyber-terrorists and “pursuade” them to cease and desist their criminal activities.
After all, we have a problem, no one else can help, and if we can find them, maybe they can hire… The A-Team!
