The battle against online extortion took a mortal hit today as Blue Security Inc. announced they are closing up shop. Blue Security had attempted to battle online extortion and spam by bombarding spammers with email from all 522,000 of its clients. As the Washington Post tells the story:
That led to a flood of Internet traffic so heavy that it disrupted the spammers' ability to send e-mails to other victims -- a crippling effect that caused a handful of known spammers to comply with the requests.
Then, earlier this month, a Russia-based spammer counterattacked, [company founder Eran] Reshef said. Using tens of thousands of hijacked computers, the spammer flooded Blue Security with so much Internet traffic that it blocked legitimate visitors from going to Bluesecurity.com, as well as to other Web sites. The spammer also sent another message: Cease operations or Blue Security customers will soon find themselves targeted with virus-filled attacks.
Today, Reshef will wave a virtual white flag and surrender. The company will shut down this morning and its Web site will display a message informing its customers about the closure.
Alan Paller, director of research for the SANS Institute, a computer security training group, the attackers' extortionist demands were that the company merely stop interfering in a multimillion-dollar spam operation. "We're hearing from federal law enforcement that they are getting more than one new case of online extortion each day," Paller said.
The spammers' attack took out Six Apart's TypePad and LiveJournal services and temporarily shutdown opreations at Tucows Inc, which managed Blue Security's site.
Tucows chief executive Elliot Noss called the attack "by far the largest the company had ever seen," and said that only a handful of companies have the infrastructure in place to withstand such an assault, much less a more powerful one. This attack really was like trying to take out a mosquito with an atomic bomb," Noss said.
The FBI is investigating the attacks.