Human rights sites "under constant DDoS attack"

 

Gallery

By Stewart Mitchell

Posted on 22 Dec 2010 at 11:09

The “cyber war” involving WikiLeaks was only the tip of the iceberg in a wave of political hacking attacks targeting sites with differing opinions, according to a report from Harvard University.

The report from the Berkman Center for Internet & Society investigated attacks against human rights sites and independent media sources and found that attacks were no longer restricted to elections and high-profile media events.

“DDoS attacks against independent media and human rights sites have been common in the past year, even outside of elections, protests, and military operations,” the report said.

“With recent highly publicised DDoS attacks on WikiLeaks, and “Operation Payback” attacks by Anonymous on sites perceived to oppose WikiLeaks, we expect these attacks to become more common.”

the ability of virtually anyone to speak freely online can be constrained by the corporate decision making of internet intermediaries

The report was mostly written before November's WikiLeaks attacks, but the authors delayed its release to include the incident in its findings. It maintains that attacks are happening constantly and can knock protest sites offline for weeks at a time.

“When an organisation like Viet Tan – a leading Vietnamese pro-democracy organisation – suffers denial of service attacks, it’s rarely discussed outside the digital activist community,” said Ethan Zuckerman, one of the report's authors.

No hiding place

The institute made a number of recommendations on how sites could protect themselves against attacks, but according to the authors the fallout from the WikiLeaks case has made them rethink their advice.

The whistle-blowing site was effectively taken offline when Amazon withdrew its hosting services and DNS provider, Every DNS, pulled the plug on its services.

“Initially, the report warned that moving sites closer to the core of the internet - a small number of major ISPs and content distribution networks - would provide the experience and resources to defend against these attacks, particularly network DDoS attacks,” said Zuckerman.

According to the report, core network administrators could fend off most DDoS attacks within an hour. However, if they can't be trusted to remain independent, the concept of moving campaign sites onto the core comes under question.

"Amazon’s decision to remove WikilLeaks from its servers – under intense pressure from Senator Joe Lieberman – complicated one of the major suggestions we offer in the report,” said Zuckerman.

“Amazon’s disturbing decision to stop providing services to WikiLeaks suggests that our advice might need to be rethought - the ability of virtually anyone to speak freely online can be constrained by the corporate decision making of internet intermediaries."