"Never doubt that a small group of thoughtful, committed citizens can change the world; indeed, it's the only thing that ever has."
-- Margaret Mead
I often spend my Friday columns venting about the latest computer security failure and how all the new evolving solutions will do little to protect us in the long run. But I have to give credit where credit is due, even when it comes from unexpected places.
Taking down spam-producing malware
It appears that a single security company and a technology columnist for The Washington Post have succeeded in bringing down worldwide spam rates by 75% or more. No single event has ever accomplished what Brian Krebs and security firm Security Fix did nearly two weeks ago.
In a nutshell, Security Fix (among other computer security firms) had long known that a single Internet hosting company, McColo, based in California, was responsible for hosting a large amount of spam-producing malware and its controlling servers. Questionable hosting companies often claim ignorance when confronted with the facts, and so, too, did McColo.
But Security Fix and Krebs pulled a reverse denial-of-service (DoS) attack, using a DoS attacker's favorite technique against the bad guys. Often when a DoS attacker starts flooding a target Web site, the victim will respond by implementing anti-DoS equipment or services to drop the illegitimate packets. The attacker will respond by attacking the Web site's hosting company and, if that fails, all the upstream Internet pipes. The idea is to cause so much pain that the upstream neighbors cry uncle and force the victim down to rescue all the other unintended Web sites. "Sorry about your bad luck," they say.
In this case, the good guys contacted McColo's upstream Internet neighbors and explained the situation. One of the providers immediately disconnected McColo. The other hemmed and hawed a bit, but under public pressure and the threat of unfavorable media exposure courtesy of The Washington Post, eventually responded. Poof! And just like that www.mccolo.com was no longer on the Internet.
In one sudden, unexpected moment, 75% of the world's spam went away. And stayed away. The world noticed. It was that big.