Cyberbunker, Part 1

Sven Kamphuis and Herman Johan Xennt are quite dissimilar: one is young, the other is old, one is a Freedom Fighter, the other a businessman. In 1996, their unlikely partnership coalesced around a mutual deep hatred towards authority - and around a very unusual building: a Cold-War era nuclear bunker.

Hosted By

Ran Levi

Co-Founder @ PI Media

Born in Israel in 1975, Ran studied Electrical Engineering at the Technion Institute of Technology, and worked as an electronics engineer and programmer for several High Tech companies in Israel.
In 2007, he created the popular Israeli podcast, Making History, with over 15 million downloads as of July 2022.
Author of 3 books (all in Hebrew): Perpetuum Mobile: About the history of Perpetual Motion Machines; The Little University of Science: A book about all of Science (well, the important bits, anyway) in bite-sized chunks; Battle of Minds: About the history of computer malware.

To say that Sven Olaf Kamphuis is an eccentric character would be an understatement. In his Stack Exchange profile he describes himself as –

“His Royal Highness Prince Sven Olaf […], Hacker of all frequencies, […] God-Emperor of Amsterdam.”

Former associates who worked with him in his native country, The Netherlands, describe him as a brilliant programmer – but also as a loner who has trouble connecting with others around him. For example, one colleague recalls that as a Help Desk representative for the Dutch ISP XS4ALL, Sven would often confuse customers:

“He was very smart. Too smart for customers, by the way. Oftentimes they couldn’t understand his technobabble when he tried to help them.”

In 1996 Sven started a company called CB3ROB that did security checks for other organizations. One such client was a web hosting company called Cyberbunker – which is how Sven met yet another eccentric Dutchman: Herman Johan Xennt.

The two men were quite different in both their physical appearance and motivations. Sven was a slender twenty-something youth with a thick pair of eyebrows and a deep, penetrating look – while Xennt was already in his late thirties and sported what some commentators described as a ‘James Bond villain’ look, with pale white skin and long, wavy blond hair. Sven described himself as an Internet Freedom Fighter, along the lines of Julian Assange of WikiLeaks – while Xennt was more of a businessman: he started his journey in the tech world as a dealer in computer parts, and later established a few web hosting companies.

What brought these two very different types together was probably their shared hatred of authority. Sven had a rich history of clashes with his managers, who constantly reprimanded him for hacking XS4ALL’s computer systems. Xennt’s latest web hosting business, Cyberbunker, promised its clients full protection from “government meddling”. Their unlikely partnership coalesced around the unusual building that gave Xennt’s company its name.

The Bunker

The bunker was built by NATO in 1955, at the height of the Cold War between the US and the Soviet Union. Nuclear war between the two superpowers seemed like a real possibility, and so the military complex, erected near the small town of Kloetinge in the south of the Netherlands, was designed to survive a close-by nuclear blast of up to 20 megatons of TNT. Its five subterranean levels enclosed over 20,000 square feet, protected by 15-foot-thick concrete walls and designed to shelter up to 72 people for over ten years. It had water reserves, a pair of diesel-powered electricity generators, a meeting room with a 15-foot-long black table facing a huge screen, an industrial-class kitchen and even a sauna, because… well, why not.

In 1996, following the collapse of the Soviet Union, NATO decided to decommission the bunker and sell it off. Johan Xennt jumped on the opportunity and purchased the facility.

It’s not hard to guess the reasons behind the unusual purchase. One of the most important considerations when choosing a location for any data center is reliability: a hosting service can have thousands of customers, for whom the availability of their online services is often of paramount importance. That is part of the reason why most cloud providers have multiple facilities spread across different geographical locations, so that if a natural disaster – flood, fire, earthquake, whatever – hits one facility, the rest will continue to operate as normal and shoulder the load of the battered server farm. Xennt didn’t have the resources to offer such redundancy to his clients – but the old bunker offered a fantastic alternative: the fact that it was built to withstand a nuclear attack meant that it was also invulnerable to almost anything mother nature could throw at it. From a pure business perspective, this was a strong selling point that Xennt made sure to emphasize in Cyberbunker’s client-facing website, by highlighting numerous pictures of the bunker’s robust gray walls and impressive specifications. 

For Sven Kamphuis, the bunker had yet another enticing attribute. The following quote is taken from an interview he gave to Heavy.com:

“Well, technically, it is a NATO base. […] Basically, the building was sold in 1996 and it was never made into Dutch territory. We tried to make it Dutch territory at first, but we realized we do not actually need you people.”

It’s unclear if the former NATO bunker was indeed an independent territory, exempt from the jurisdiction of Dutch law – but Sven, for whom freedom from censorship and any sort of governmental interference was a powerful ideal, was more than willing to put this hypothesis to the test. He even appointed himself as “Minister of Telecommunications and Foreign Affairs for the Republic of CyberBunker.”

And so the two renegade Dutchmen decided to team up, with Xennt running the business side of Cyberbunker, and Sven providing the technical expertise. They made Cyberbunker into a bullet-proof hosting service, pledging that –

“CyberBunker will keep your servers online “no matter what”. Cyberbunker will protect your servers from hurricanes, earthquakes, crashing airplanes, (nuclear) bombs, floods and anything else that could interrupt the hosting of your servers. […] In addition CyberBunker protects your servers also from others who might want to take your servers down like the DMCA, your competitors, authorities, burglars, governments and terrorists.”

A Fire In A Drugs Lab

Cyberbunker’s first customers were mostly porn websites: this did not present a problem to the Dutch authorities, since the Netherlands is known for its liberal attitude. Over time, though, these were joined by a growing number of less-legitimate clients: spammers, scammers, drug dealers and similar shady characters who found Cyberbunker’s hardline anti-authoritarian attitude appealing. Much of this activity was probably considered illegal in the Netherlands – but it seems that both the local and governmental authorities were unaware, at that point, of what was going on behind the nuclear bunker’s thick walls. 

But in 2002, the local fire brigade received an urgent call: smoke was billowing out of the underground bunker. The firemen rushed to the scene and quickly put out the fire: Xennt suffered burns to his hands and face. 

It soon turned out that these wounds were the lesser of Xennt’s and Sven’s problems: subsequent investigation of the incident discovered that the fire broke out due to an explosion in an illegal Ecstasy manufacturing lab hidden deep in one of the bunker’s lower levels. Three men and one woman were arrested for running the illicit manufacturing facility, and were later sentenced to three years in prison. Xennt himself, although he was the actual owner of the building, managed to distance himself from the affair, claiming that he rented the space to what he thought was a painting manufacturing company, and that he was unaware of the unlawful activity that was going on in the lab.

Xennt and Sven were off the hook – but the unfortunate incident turned out to be an eye opener for the Kloetinge city council, who for the first time took real interest in what was going on inside the old bunker. It didn’t take the council long to realize that Cyberbunker was operating an online crime-hub right underneath their noses. They decided to not wait for a full official investigation into Cyberbunker’s criminal activities, and do whatever was in their power to drive the rogue company out of their peaceful town. 

Cyberbunker Vs. Kloetinge

According to Cyberbunker’s website, a few months after the fire a city official appeared one day at the gate of the bunker, and asked to be taken on a tour of the facility. The official was “surprised” to discover that the building was used as a data center, and declared that Cyberbunker was in violation of the city’s zoning regulations: apparently, the bunker was designated as a military zone, and web hosting had nothing to do with military activity. Cyberbunker’s representative retorted that the mayor himself had approved the purchase of the bunker and its transformation into a data center – and that he had a letter from the mayor to prove it. The city official – who was most probably well aware of that fact – insisted that Cyberbunker was violating zoning laws and must cease its operations. Cyberbunker declined the demand, and submitted an official request for a zoning change. The request was, as expected, denied.

The city council sent two more representatives to threaten Cyberbunker, but Xennt and Sven ignored them. The city then decided to sue the company for the supposed zoning violation, and in particular for operating an electric motor with a power draw in excess of 1.5 kW without a valid permit – motors used for air treatment of the facility. The judge, however, ruled in favor of Cyberbunker.

This regulatory cat-and-mouse game went on for quite some time until the city council, apparently, had enough. One day in 2007 the council’s chairman himself appeared in front of the bunker’s entrance and demanded to be let in.

According to Cyberbunker’s description on its website, the chairman’s phone call was received by the bunker’s general manager – a man by the name of Jordan Robson who, based on his pictures on the company’s website, probably had a successful career as an international model before joining the rogue hosting company… It’s more than likely that this ‘Jordan Robson’ was none other than Johan Xennt himself, hiding behind a fictitious persona. Xennt/Robson notified the chairman that he would not be granted access to the bunker – and the chairman replied that he was accompanied by the police and fire brigade, and would enter the building by force if necessary.

This, apparently, was the moment that Xennt and Sven were waiting for: the first real opportunity to put their bunker to the test. Xennt reminded the chairman that the building was designed to survive a nuclear strike, wished the chairman success in his endeavor, and hung up the phone.

Four hours later, when Xennt arrived at the bunker, he found the chairman and the fire brigade’s officers standing in front of the building’s massive blast doors. Apparently, the firemen had tried to cut the doors open with hydraulic equipment normally used to shear open cars involved in crashes – but all they managed to do was to damage the door’s mechanism to the point where it was jammed and could not be opened at all. According to Xennt, the humiliated chairman left the place with his men, and was later forced to compensate Cyberbunker for the damage done to the blast doors.

A few months later, the bunker had yet another opportunity to prove its usefulness. At dawn, a full SWAT team – wearing black bullet-proof vests and carrying automatic weapons and round metal shields – silently cut through the wire fence that surrounded Cyberbunker’s facility, and approached its front door. Once there, the soldiers pulled out a battering ram and tried to knock down the blast doors. One can only imagine the noise and commotion caused by the battering, but not only did the heavy doors hold their ground – the people deep inside the bunker, some of whom were watching a movie, never even noticed what was happening outside… Even when the SWAT team threw flashbang grenades to try and get their attention, no one in the bunker heard anything. The embarrassed SWAT team, like the council’s chairman before them, were forced to leave the building the way they came. Xennt only learned of the whole incident later that evening, when he noticed the marks left on the doors by the battering ram and checked the video recordings taken by the bunker’s surveillance system.

The somewhat bizarre clashes with the Kloetinge city council proved to be a fantastic PR opportunity for Cyberbunker. Although most of the boasts on the company’s website regarding the bunker’s toughness were focused on its resilience against natural disasters – there was also a subtle but clear intimation that the bunker would also allow Cyberbunker to physically resist any attempts by law enforcement to forcibly break into the data center, as part of the company’s pledge to keep its clients’ web pages online “No Matter What.” Failed bids to break into the bunker, such as those by the city council’s chairman and the SWAT team, served as proof that Cyberbunker could and would resist any such future attempts – which is exactly what its potential clients wanted to hear. No wonder that Cyberbunker made sure to give detailed accounts of the failed break-in attempts on its website.

The company’s next big PR opportunity cropped up in 2009. The Pirate Bay, the world’s most famous index of BitTorrent files, was facing fierce opposition on multiple fronts: some of its members were convicted of assisting in copyright infringement and given jail time, while the website itself suffered recurring downtime due to the legal pressures exerted on its upstream providers.

Xennt and Sven seized the opportunity and offered The Pirate Bay their no-questions-asked hosting services, and The Pirate Bay’s change of address from Sweden to the Netherlands grabbed media attention, with sensational headlines such as ‘The Pirate Bay Relocates to a Nuclear Bunker.’ The Motion Pictures Association quickly moved to sue Cyberbunker, and a year later a district court ruled against the bullet-proof hosting service. The Pirate Bay relocated back to a Swedish hosting service – but Cyberbunker had already earned its fifteen minutes of international fame. Cyberbunker also served as a mirror for WikiLeaks, further enhancing its reputation as a company willing to go the extra mile to protect its clients, shady and problematic as they might be.

Cyberbunker Vs. The Spamhaus Project

But not all attention is necessarily good attention. 

Cyberbunker’s new notoriety drew the attention of The Spamhaus Project, an international organization founded in 1998 to battle email spammers, botnet controllers and the like. According to reporting by the journalist and blogger Brian Krebs, Spamhaus was already familiar with Cyberbunker – but the Dutch bulletproof hosting company wasn’t a top priority for the organization, until –

“When they started hosting botnet controllers, malware droppers and a lot of pharma spam stuff.”

This noticeable rise in criminal activity, perhaps due to Cyberbunker’s newly found fame, prompted Spamhaus to take action. A member of Spamhaus told Krebs that when they tried to contact Cyberbunker, they got a rude reply. From the content of the conversation, it’s easy to guess that it was Sven Kamphuis who answered Spamhaus’s inquiries. 

“He made claims about being his own independent country in the Republic of Cyberbunker, and said he was not bound by any laws and whatnot. He also would sign his emails ‘Prince of Cyberbunker Republic.’”

In October 2011 Spamhaus contacted Cyberbunker’s upstream bandwidth provider, a Dutch company named A2B, and asked it to stop providing its services to Cyberbunker. A2B refused, and blocked only a single IP address from Cyberbunker’s range of addresses. 

This was a mistake. 

Spamhaus does not block or otherwise stop spammers by itself: it only maintains lists of known spammers and scammers – but these lists are used, in turn, by many Internet Service Providers and email servers to block such nefarious activities at their source. This fact gives Spamhaus enormous leverage: if Spamhaus declares a range of IP addresses to be the source of spam and other criminal activities, the ISPs that make use of its lists will block all emails coming from these addresses, both spam and legitimate messages – a risk no ISP can afford to take.

Which is exactly what happened to A2B’s network, when Spamhaus added A2B’s range of 2048 IP addresses to its list of addresses that are known sources of email spam. A2B’s executives were furious, accusing Spamhaus of extortion and even filing a police complaint against the anti-spam organization – but Spamhaus was hardly impressed, dismissing A2B’s claims as ‘rubbish’. Ever since its founding, the hard-nosed organization has been battling the Internet’s worst scum and crooks, and has faced numerous lawsuits and harassment of every kind. Only a year earlier, the fearless organization added IP addresses belonging to none other than mighty Google to its list of banned addresses, when crooks began using its Docs service to spread spam… so one can see why a police complaint by a tiny Dutch ISP wasn’t all that intimidating for them. A2B had no other choice but to capitulate and remove Cyberbunker from its list of clients.

Cyberbunker itself, however, refused to take the hint. It moved to a new upstream provider, and continued to host spammers, scammers and botnet operators – and so in March 2013, Spamhaus added it to its blacklist, effectively blocking all emails coming out of Cyberbunker’s network.

This Means War

But unlike A2B’s executives, Sven and Xennt had no intention of caving in so easily to Spamhaus’s demands. They had plenty of friends in the online underworld, many of whom already had some beef with the anti-spam organization, and together they formed a loose coalition of bulletproof hosters calling itself ‘StopHaus,’ with Sven as its unofficial spokesperson.

StopHaus’s members got together, and hatched a plan to force Spamhaus to not only remove Cyberbunker from its blacklists – but to ultimately destroy the anti-spam organization. It would not be an easy undertaking, for sure, but Xennt, Sven and their buddies were willing to go all the way to get what they wanted. In fact, they were willing to break the Internet to make it happen, by orchestrating the largest DDoS attack the world has ever seen.