The PJ Tatler

Dutch Man Arrested in Web Attack on Anti-Spam Protection Organization

A Dutch man who is thought to have mastermindeded a massive web attack on Spamhaus, an international organization dedicated to fighting companies who send out spam emails, is under arrest after a request from a Dutch prosecutor.


The man arrested is believed to be Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker that has been implicated in the attack.

“Spamhaus is delighted at the news that an individual has been arrested and is grateful to the Dutch police for the resources they have made available and the way they have worked with us,” said a Spamhaus spokesman.

He added: “Spamhaus remains concerned about the way network resources are being exploited as they were in this incident due to the failure of network providers to implement best practice in security.”

Spamhaus servers were hit with a huge amount of data via an attack technique known as a Distributed Denial of Service (DDoS) attack. This attempts to overwhelm a web server by sending it many more requests for data than it can handle.

A typical DDoS attack employs about 50 gigabits of data every second (gbps). At its peak the attack on Spamhaus hit 300 gbps.

Cyberbunker is thought to have kicked off the attack in late March after Spamhaus blocked some servers hosted by the Dutch firm. Cyberbunker bills itself as a firm that will host anything but child pornography and terrorism material.

Non-profit Spamhaus maintains what are known as “block lists” which many organisations use to spot sources of spam and other junk mail to stop them clogging mail servers and inboxes with unwanted messages.

Mr Kamphuis took exception to Spamhaus’s action saying in messages sent to the press that it had no right to decide “what goes and does not go on the internet”.

In a statement, the Dutch public prosecutor said the Dutchman, who it only identifies as “SK”, was “suspected of unprecedented heavy attacks” on Spamhaus. The house where SK was stayed was searched at the time of his arrest and Spanish police confiscated computers, phones and hard drives.

The BBC describes the attack on Spamhaus as one of the “biggest ever” and may have involved criminal networks in Eastern Europe.

Spamhaus is not without its critics, including legitimate businesses who have been placed on their spam list. The problem comes in defining exactly what “spam is. Clearly, the email scams from Nigerians and other obvious attempts at fraud should be blocked. But what of legitimate businesses that purchase email lists for the purpose of sending advertising emails?

The USPS separates such clutter and makes it possible for the consumer to opt out of receiving most of it. But no such service exists on the internet. We can calibrate our spam filters so that it doesn’t clutter our inboxes, and most email services give you the option of using key words to block spam altogether. The latter is especially helpful in preventing advertisements for sex sites and sex products to ever reach your email box.

But using key words to block advertisements risks stopping legitimate, wanted mail from being received. Spamhaus, while occasionally being overzealous in applying its definition of spam, nevertheless performs a valuable service in helping to clean up the internet.

PC World
is reporting that the suspect is wanted for other computer crimes as well. Reason enough to take a spammer off the net so that we don’t have to be bombarded every day by scams from Nigerian princes and ads for products that don’t exist.

It looks like the Nigerians will have to find another way to deliver its email scams.