DDoS Attacks Aim to Censor Human Rights Groups

Tuesday, November 02, 2010

Anthony M. Freed


A rash of distributed denial of service attacks (DDoS) were levied against the websites of at least six human rights organizations in an apparent attempt at cyber censorship and retribution for the airing of controversial video footage that allegedly shows human rights abuses on the part of the Indonesian government against several Papuan civilians.

The websites for the Free West Papua Campaign, Survival International, Friends of People Close To Nature, West Papua Media Alerts, the Asian Human Rights Commission, and West Papua Unite all suffered downtime of varying durations after airing the video footage (some sites remained disabled as this article was written, so their Twitter accounts have been linked instead).

From London's Channel 4 News:

Dave Clemente, an international security expert from Chatham House, said this appears to be a "very basic attack" and is a "poor attempt at cyber censorship", which could have been launched by any hacker around the world.  

"This attack is not even in same universe as the Stuxnet, which targeted the Iranian nuclear units. It's targeted at a handful of relatively small websites, the sort of thing governments, corporations and small businesses are used to dealing with."

While initial reports indicate a lack of sophistication employed in the DDoS attacks, the subsequent results are nonetheless noteworthy, as they demonstrate that cyber aggression as a means of gaining tactical advantages in political conflicts is more than just fodder for discussions on the viability of cyberwar.

This is yet another example of one group's technological savvy being instrumental in disrupting another group's ability to functionally disseminate information, as were the cases in Estonia in 2007 and Georgia 2008.

DoS attacks are nothing new, and are perpetrated by simply flooding a target server with simultaneous communications.

The attacks are generally performed using as many as thousands of "zombie" PC's or servers that have been compromised unbeknownst to the rightful owner, through the dissemination of botnet malware.

Techniques also include the use of multiple IP addresses in an attack from a limited number of sources which can give the appearance of wide distribution, and still others claim to be able to perform a non-distributed DoS attack from a single low-spec source.

In an email correspondence with Tim Murphy, webmaster at the Free West Papua Campaign, one of the organizations targeted by the recent DDoS attacks, emphasized the effectiveness that such a campaign can have against small, non-profit organizations given their lack of financial resources:

I have just talked with the people who fixed Survival International's problem with the same DDoS attack, BUT they want lots and lots of money to fix it, and FWPC is a poor organization. In addition to dealing with the DDoS we also need to mirror this video so that the attackers get the idea that "the Internet sees any censorship as damage and reroutes around it."

Niels Groeneveld, who deserves full credit for bringing this story to our attention at Infosec Island, is recognized as an information systems security professional by the US Committee on National Security Systems (CNSS) and the US National Security Agency (NSA).

Niels has been instrumental in organizing an international response to the DDoS attacks, and indicates the momentum is building. We are looking forward to the pending investigation, and hope to share the results of their findings as soon as they are available.

Possibly Related Articles:
Vulnerabilities Web Application Security Cyberwar DDoS
Post Rating I Like this!
John Richardson However pedestrian this attack might be in relative terms, it had an impact on these NGOs, which was significant. This and many other similar attacks (China, Iran, Georgia, et al) speaks to the need for new thinking around international treaties that speak to interference with Internet freedoms.

This of course opens up a massive debate that is already boiling about questions of attribution to state actors, actual harm done and so on. Regardless, the importance of this event to observers around the world is the understanding that the Net can and will continue to be a truncheon by repressive governments to quell thought.Integration of these notions into the cyber security debate is crucial.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.