Monday, March 21, 2011

DDoS Attacks Aim to Censor Human Rights Groups

DDoS Attacks Aim to Censor Human Rights Groups


Wednesday, November 03, 2010



Anthony M. Freed

C70e8ed35fb5ca21f3b33e446090de25

A rash of distributed denial of service attacks (DDoS) were levied against the websites of at least six human rights organizations in an apparent attempt at cyber censorship and retribution for the airing of controversial video footage that allegedly shows human rights abuses on the part of the Indonesian government against several Papuan civilians.

The websites for the Free West Papua Campaign, Survival International, Friends of People Close To Nature, West Papua Media Alerts, the Asian Human Rights Commission, and West Papua Unite all suffered downtime of varying durations after airing the video footage (some sites remained disabled as this article was written, so their Twitter accounts have been linked instead).

From London's Channel 4 News:

Dave Clemente, an international security expert from Chatham House, said this appears to be a "very basic attack" and is a "poor attempt at cyber censorship", which could have been launched by any hacker around the world.  

"This attack is not even in same universe as the Stuxnet, which targeted the Iranian nuclear units. It's targeted at a handful of relatively small websites, the sort of thing governments, corporations and small businesses are used to dealing with."

While initial reports indicate a lack of sophistication employed in the DDoS attacks, the subsequent results are nonetheless noteworthy, as they demonstrate that cyber aggression as a means of gaining tactical advantages in political conflicts is more than just fodder for discussions on the viability of cyberwar.

This is yet another example of one group's technological savvy being instrumental in disrupting another group's ability to functionally disseminate information, as were the cases in Estonia in 2007 and Georgia 2008.

DoS attacks are nothing new, and are perpetrated by simply flooding a target server with simultaneous communications.

The attacks are generally performed using as many as thousands of "zombie" PC's or servers that have been compromised unbeknownst to the rightful owner, through the dissemination of botnet malware.

Techniques also include the use of multiple IP addresses in an attack from a limited number of sources which can give the appearance of wide distribution, and still others claim to be able to perform a non-distributed DoS attack from a single low-spec source.

In an email correspondence with Tim Murphy, webmaster at the Free West Papua Campaign, one of the organizations targeted by the recent DDoS attacks, emphasized the effectiveness that such a campaign can have against small, non-profit organizations given their lack of financial resources:

I have just talked with the people who fixed Survival International's problem with the same DDoS attack, BUT they want lots and lots of money to fix it, and FWPC is a poor organization. In addition to dealing with the DDoS we also need to mirror this video so that the attackers get the idea that "the Internet sees any censorship as damage and reroutes around it."

Niels Groeneveld, who deserves full credit for bringing this story to our attention at Infosec Island, is recognized as an information systems security professional by the US Committee on National Security Systems (CNSS) and the US National Security Agency (NSA).

Niels has been instrumental in organizing an international response to the DDoS attacks, and indicates the momentum is building. We are looking forward to the pending investigation, and hope to share the results of their findings as soon as they are available.

No comments:

Post a Comment