DDoS Attacks Targeting Human Rights Sites Rise as Weapon
It's no secret denial-of-service attacks have increasingly become a mode of protest in the cyber-world, as well as a way to silence political critics; but a new report from Harvard University's Berkman Center for Internet & Society underscores just how much.
According to the report (PDF), 280 independent media and human-rights Websites were hit with 140 attacks between September 2009 and August 2010. Since 1998, the researchers counted reports of 329 different attacks against more than 815 sites - numbers they estimate are only a small portion of actual attacks.
"DDoS [distributed-denial-of-service] is a pretty common form of attack against human rights and independent media sites, and the volume of attacks does not appear to be slowing," blogged Ethan Zuckerman, senior researcher at the Berkman Center and co-author of the report. "The technique has been applied to a very wide range of targets and appears to have no strong ties to any particular set of political principles."
The publication of the report follows revelations about extensive denial-of-service attacks related to the WikiLeaks controversy. During the past few weeks, hacktivists have targeted sites ranging from PayPal to MasterCard to WikiLeaks itself.
According to the report, mitigating DDoS attacks will "likely require moving those sites closer to the core of the Internet: inside the small number of major ISPs, Websites, and content distribution networks (CDNs) that have the experience and resources to defend against these attacks, particularly network DDoS attacks."
Application-layer DDoS attacks can be strongly mitigated by replacing complex content management systems with static HTML, or by adding "aggressive caching systems to deliver content at the expense of interactivity," according to the report.
"All organizations should carefully consider whether to host their sites on a free, highly DDoS-resistant hosting service like Blogger, even at the cost of prestige, functionality and possible intermediary censorship," the report recommends. "Organizations that choose to host their own sites should plan for attacks in advance, even if those plans include acceptable levels of downtime."
In addition, the authors suggest the human rights community work with Internet Service Providers (ISPs) and online service providers (OSPs) to identify providers who will help protect sites from DDoS and will agree to not remove controversial content unless required by law.
"We see no silver bullets for the independent media and human rights community," Zuckerman blogged. "Our recommendations cover a variety of technical steps that can reduce the impact of attacks. Ultimately, we end up recommending building new social institutions that make it easier for targeted sites to seek help from the technical community and from large DDoS resistant hosting providers."