Nowadays, any kind of unexpected Website downtime seems to bring out the Chicken Little in all of us. Instead of “The sky is falling!” we shout, “It’s a DDOS attack!”
All of BBC’s Websites were offline for about an hour late in the evening on March 29 with many of its pages not loading, prompting concerns that the news site was under a distributed denial-of-service attack.
On Twitter and forums (the Internet’s equivalent of the water cooler), there was speculation that Anonymous, everyone’s favorite DDOS-happy hacktivists, had targeted BBC because of issues with the way BBC News covered news. It didn’t help that someone on AnonNews.org claimed responsibility for “Operation Britain” and claimed grievances with both the British government and media.
The problem is, it wasn’t a DDOS attack. Even the BBC said so. BBC apologized to the readers for “a major network problem” that caused the “total outage of all BBC Websites” early March 30. Steve Harrmann, the online news editor, said the technical team is still working on the incident so all the details were not yet available.
What’s disconcerting is that lately, without any evidence one way or other, people are beginning to treat any network downtime as a DDOS attack. It’s a siege mentality. There has been an increase in the number of DDOS attacks being used by “hacktivists” as a form of protest against an organization’s policies. A Harvard University research report found 280 independent media and human-rights Websites were hit with 140 attacks between September 2009 and August 2010.
Imperva’s Amichai Shulman called it “serial hacktivism.”
Anonymous is not the only group using DDOS attacks to make their point, all though that loose-knit hacktivist group has launched several high-profile attacks, including HBGary Federal, PayPal, MasterCard and the Yemeni government, to just count off a few. There was a massive attack on South Korean government Web sites earlier this month that was not appear to have been organized by Anonymous.
Shortly after the BBC blackout, another post on AnonNews.org dismissed responsibility, arguing convincingly that Anonymous was opposed to any form of censorship, and taking down a major news site was the biggest form of censorship.
Paul Mutton, a security researcher at Netcraft, said that traffic patterns around the BBC site immediately before and after the outage suggested that it was down to a technical failure. “It did not look like a DDoS. It was a very abrupt outage,” he said. For a DDOS, there is usually some kind of an increase in request times to the Website, he said.
On March 21, domain hosting giant Network Solutions had still-unexplained issues that forced customers offline. Angry customers savaged Network Solutions on Facebook and Twitter, complaining about their Websites (many e-commerce sites) being offline, not being able to get any e-mails (many resorted to backup Gmail addresses), and not being able to get through to any support pages on Network Solutions.
When eWEEK tried to call Network Solutions to find out what customers were being told, was on hold for two hours before getting disconnected. On the Twitter feed, Network Solutions kept assuring customers they were sorry and were working to resolve the problem. Yet many were convinced it was a DoS attack.
Perhaps customers would rather believe their providers are under attack than to consider a technical glitch or employee error?