jeffy124's Journal: DDoS of Anti-Spam Efforts: Cyberterror?

Pulling out the C word will make me very unpopular right away, but I fell I have a decent argument. "Terrorism" is typically defined as an individual or group engaging in significantly malicious acts to draw attention to their position or objective, frequently an extreme political one. Here, we have a group of individuals (spammers) whose desire is to overflow inboxes of everyone on the planet no matter the cost. Suspicion is on them to be the architects of a cluster of zombie boxes via the Sobig email worm, and are now utilizing those zombies to DDoS those hosting anti-spam efforts, such as Monkeys.net, getting them offline. This seems to fit the definition of using malicious acts to impose an extreme political stance, and it's an act that has met the actor's objective. Would getting that "Cyberterrorist" label attached to this anonymous subset of spammers be a way of getting the attention of law enforcement, given that Ron Guilmette cited their "lack of interest" in his decision?

Yes, I actually submitted that to the queue. I normally don't take on a political opinion or express it in this manner, but I felt this was a case where it would be useful. The idea of a spammer DDoS'ing blacklists hit me a few days ago while driving home from work, thinking over recent issues while getting stuck in traffic. I have serious doubts it'll get accepted, but I decided to try it anyway, just in case a Slashdot editor decides its something reasonable or worth discussing, given the seriousness of the issue.

Update: Placed in the circular file.

Some Issues

[The Turd Report]

The anti-spammers that are getting DoS'd need to contact their upstream/backbone provider and get the attacks traced back. Right now, they seem to just be making random guesses at who is doing it. They need to work with their upstream(s) and the teir-1 providers they are under to trace the attacks. However, many anti-spammers have pissed off teir-1 providers to the point that most won't help them. Even Osirusoft's upstream wouldn't help them when they were being DoS'd.

Re:Some Issues

[jeffy124]

yeah, I agree that there's a lot of speculation as to the precise whodunit. Why a provider cant detect a flood on their own and do something, I dont know.

It's highly likely that one site by itself getting DDoS'd is just a script kiddie with nothing better to do, but a collection of sites with common goals and aims getting DDoS'd is likely much more coordinated.

Re:Some Issues

[The Turd Report]

yeah, I agree that there's a lot of speculation as to the precise whodunit. Why a provider cant detect a flood on their own and do something, I dont know.

Well, providers can detect and block a flood, but only a teir-1 (or several teir-1s working together) can do something (ie: find the source).

It's highly likely that one site by itself getting DDoS'd is just a script kiddie with nothing better to do, but a collection of sites with common goals and aims getting DDoS'd is likely much more coordinated.

I

Nope

[turg]

Pulling out the C word will make me very unpopular right away, but I fell I have a decent argument. "Terrorism" is typically defined as an individual or group engaging in significantly malicious acts to draw attention to their position or objective, frequently an extreme political one.

No, the purpose of terrorism is to inspire terror. e.g. the point of having a suicide bomber blow up in a cafe is not to take out just that one cafe but to make people afraid to go to any cafe, or anywhere else in public. The

Re:Nope

[Otter]

Agreed. I'm not one to freak out about anti-terrorism legislation, if it's obviously being applied carefully, but extending the word to cover anything antisocial is a recipe for disaster. There are plenty of forms of intimidation or extortion that are entirely illegal but which don't rise to the level of terrorism.