iNews Cayman has been continually and is still being hit by spammers. They seem nearly always to attack us on a Saturday evening between 6:30pm and 8:00pm.

This has been going on for nearly twelve months when the spammers at first actually managed to redirect anyone trying to log on to our site to a site in Canada selling Viagra among other sex medical aids.

Then they inserted ads for Viagra all over the website.

This took a lot of time to sort out and I have to thank local company Wiggly Pen, The Andco and BlackFin Media both in USA for sorting that mess out.

Now after fixing that problem the spammers have attacked us by a crude cyber assault of distributed mail that appears to emanate from our IP address and gets returned to us causing our site to crash from the amount of traffic.

This has been going on for about nine months now including the spammers able to insert a message that took out our own one  – “Our Eye Your News” replacing it with another proclaiming the virtues of Viagra. They seem to have a fixation with Viagra. We have now fixed that.

The problem is that the spammers have got root access to our server and the complete fix is a very expensive one involving taking the whole website and moving it to another server.

I have never seen the point of why the spammers do this and I said this to Chris Edwards of BlackFin. This was his surprising reply:

“Believe it or not, spamming is financially lucrative. Spammers generally break into someone else’s server and blast out the spam from there so they don’t get their own IP addresses blacklisted. Once they’ve obtained full root access to a server, they can continue to exploit it any time they want. As far as the timing, they may be using some sort of automated script – probably something that remotely triggers a function to blast out more spam. Hard to say for sure, because they are also routinely deleting all traces of the intrusion from the server logs.”

This is borne out from two articles my hardworking associate sent me. This is the short one from The Economist:

Mitigating DDoS attacks

There’s only so much you can do

Jun 22nd 2013 The Economist

Business is lively for firms that help foil DDoS attacks. Stuart Scholly of Prolexic numbers “chocolatiers, battery-makers and health spas” among his clients.

CloudFlare, a competitor, offers a basic service free. Its 1m-odd customers are growing by 5,000 daily. These have included the Israeli Defence Force, the Muslim Brotherhood and the Eurovision Song Contest. “Philosophically, we’re Switzerland,” says its co-founder, Matthew Prince.

Attaching machines to a website’s servers can block traffic from disreputable internet addresses, but let genuine users through. Statistical analysis of past attacks helps detect assaults and adjust filters. But big data floods can overwhelm even these appliances. Another option is using the “cloud” (big arrays of third-party computers). These redirect traffic through powerful “scrubbing centres”.

Politicians squabble about the role of governments. Some think big firms should buy commercial protection. Others think cyber-police should secure the pipes—like those who already keep roads, skies and borders safe.

Yet making targets more resilient only partly solves the problem. Stemming the source of bogus traffic matters, too. Network administrators need to do more to prevent troublemakers from hijacking their hardware, quickly detecting when a botnet has enslaved their computers, and fixing DNS servers when their inherent flaws are exploited. Mike Smith at Akamai, a networking firm, likens this to a “public health” problem: an insecure network is “Typhoid Mary”.

END

The other much longer article, also from The Economist”, is published on its own in iNews Cayman today under the title “Cyber-attacks: Computer says no”.

It’s well worth a read.

It’s no comfort, however, to know we are not alone.