I see reports of cyber-attacks every day. But those at the front lines are telling me that yesterday’s Denial of Service attack against the Spamhaus email anti-abuse blacklist is genuinely something out of the ordinary.
Spamhaus are some of the good guys that work to keep email usable, despite the efforts of the people who send spam.
Spam is not just a nuisance; it is the tool of choice for Internet criminals who send out malware and viruses and recruit money movers and parcel reshippers for their criminal ventures. They sell a lot of drugs as well.
According to Spamhaus, the source of the attack is Cyberbunker, an organization based in the Netherlands. Originally built as a nuclear warfare bunker, and sold off as surplus, the Cyberbunker has been at the center of a lot of unsavory activities, and some that are just plain weird.
About ten years ago, there was a big debate over the management of the core naming system of the Internet, the DNS. The DNS is the infrastructure that connects a name such as americablog.com to an Internet address. For historical reasons, the DNS is currently under the de facto control of the US government, which has devolved some (but not all) management responsibility to an organization called ICANN, which is in theory independent.
There are of course many good reasons why other governments would be concerned about this situation. In 2004, the government of Turkey (or at least one part of it) became so concerned that it decided to transfer control of the DNS root for Turkey to an organization calling itself ‘Public Root,’ which operated out of the Cyberbunker. According to some reports, the plan was very close to being put into action, only to be thwarted at the last moment when a fire broke out in another part of the Cyberbunker, and the police discovered a lab making ecstasy in the bunker while the fire was being put out.
According to its manifesto, the Cyberbunker will accept any type of business, other than child pornography and anything related to terrorism. One of the groups hosted at the Cyberbunker was the Russian Business Network (RBN), a notorious organized crime ring that the Russian authorities were finally forced to break up in 2007 after a story in The Economist.
A group claiming to own the Cyberbunker has published what purports to be a declaration of independence. Rather more substantial than their legal arguments, however, are the five-foot-thick concrete walls of the bunker. This could end very badly indeed.