The Day DDoS Brought Down Six Apart

_By Jackson West_

At around four o’clock on Tuesday afternoon, Six Apart and their properties Typepad, Typekey and LiveJournal all went dark after a Distributed Denial of Service (DDoS) attack that spokesperson Jane Anderson described as “very sophisticated.” ZDNet suspected that it was a DNS level attack. Q Daily News suggests that the problem arose when a Six Apart customer, Blue Security, rerouted an attack from their own domain to their TypePad-hosted blog. The problem persisted until at least midnight, and was officially resolved by noon on Wednesday.

“We’re not going into details. But obviously it was a criminal act,” said Anderson. “We’ve spoken to law enforcement as a result.” The Six Apart legal team has notified the FBI in the case, and Six Apart is apparently continuing to investigate the problem on their own — presumably to help defend itself against future attacks, as well as provide necessary details to the authorities. Of course, Blue Security themselves have come under fire for their anti-spam technology, which some say amounts to issuing DDoS attacks in retaliation against spammers.

Here is a blow-by-blow of the events of the past week, with BlueSecurity implicating a company called PharmaMaster.

The spammers apparently contacted BlueSecurity via ICQ with threatening messages, and may have even figured out how to specifically target BlueSecurity users for further harrassment. According to WSJ columnist and blogger Jeremy Wagstaff, BlueSecurity’s Eran Rashef is on the record as saying that he didn’t anticipate that the spammer would launch a DDoS attack on such a large player. “I didn’t think he was so crazy as to attack [Six Apart].”

Of course, no one wants to get caught in the middle when Russian spammers and Israeli security companies fight. When asked about the mood at Six Apart’s offices on the day of the attack, Anderson said that they took the attack “very seriously, as one can imagine,” working around the clock to solve the issue and restore service. When asked about the response from users, Anderson gushed, “Our users are just fabulous.” In her years working in the tech industry, “I’ve never encountered such enthusiastic users.”