Conflicting opinions causing DDoS blitzkriegs online

Sometimes disagreements and conflicts spill over from real life to online, and sometimes people go completely overboard and launch cyber attacks on services or websites they dislike, doing their best to sabotage them and often causing some serious downtime.

This sabotage is often done using distributed denial-of-service attacks (DDoS attacks) which send such extreme amounts of traffic to a website that it is effectively disabled.

This article takes a look at some high-profile examples of cyber attacks, how the attacked website was affected and why it was attacked (where this information is available). We also take a quick look at how these attacks are usually launched, what the long arm of the law is doing about it and how bad the punishment can actually get.

Eight high-profile DDoS attacks

  • October 2008 – Campaign websites for same-sex marriage attacked: Websites of political groups campaigning against a same-sex marriage ban in California (Prop 8) as well as in Florida were subjected to a DDoS attack right after a fund-raising appeal had been issued, the week before the vote.
  • July 2008 – Russian attack on Georgian websites: The growing tension between Russia and Georgia over Georgia’s membership in NATO spilled over online when the website of the Georgian President was subjected to a DDoS attack that made it unavailable over an entire weekend. The attackers, who used a botnet, were unknown but the motive was likely political: among the messages flooding the website was “win+love+in+Rusia.” Several other official Georgian websites were also affected.
  • January 2008 – The Church of Scientology website attacked: The website of the Church of Scientology was subjected to a DDoS attack which at times rendered it completely unreachable and caused as much as $70,000 in damage. The attack was said to have been in retaliation for its censorship of criticism against the church and was performed by members of an anti-Scientology group.
  • April 2007 – Cyberwar in Estonia: A series of cyber attacks (most of them DDoS attacks) via botnets on the websites of Estonian organizations, banks, ministries, newspapers and broadcasters. The attacks followed a disagreement with Russia regarding the relocation of a Soviet-era memorial to fallen soldiers and war graves in Tallinn. It’s sometimes referred to as the Estonian Cyberwar.
  • June 2006 – The Swedish Police website attacked after The Pirate Bay raid: After the Swedish police raided the (in)famous torrent tracker The Pirate Bay and confiscated their servers, the website of Sweden’s national police was taken down by a large-scale DDoS attack that sent 500,000 visits per second to the site.
  • May 2003 – SCO attacked after upsetting the Linux community: After SCO launched a billion-dollar lawsuit against IBM regarding Unix intellectual property being used for Open Source and Linux, something which infuriated the Linux community, SCO was hit by a DDoS attack that crippled its Internet operations.
  • March 2003 – Al-Jazeera websites attacked after publishing sensitive Iraq pictures: Soon after the Arab satellite TV network Al-Jazeera published pictures of US soldiers held as prisoners in Iraq, both its Arab and English-language websites were subjected to a DDoS attack that caused so much traffic to the websites that Al-Jazeera’s hosting provider canceled the hosting contract.
  • July 2002 – The RIAA website attacked after endorsing anti-piracy legislation: The website of the Recording Industry Association of America (RIAA) was subjected to a DDoS attack that made it unavailable for portions of four days. The attack came after RIAA had endorsed legislation that would allow copyright holders to disrupt peer-to-peer file sharing networks.

What does the law say?

Perhaps some people think that since these attacks are just virtual, it’s OK, but the truth is that these attacks can lead to severe penalties if the culprit is caught.

In the US, the FBI works actively against cyber crime, and people who are caught face serious charges. The FBI even has an “Internet Crime Complaint Center” and has on several occasions arrested people running botnets.

To give a real-world example of legal repercussions, one of the persons involved in the attack on the Church of Scientology website that we mentioned above was sentenced to pay $37,000 in restitution and is facing up to 10 years in federal prison.

Legal repercussions in other parts of the world vary, but nowhere are they likely to be stricter than in Pakistan. Although perhaps not always applicable to things such as DDoS attacks, Pakistan has recently made “cyber terrorism” a crime punishable by death.

DDoS attacks and botnets

As you can see, the DDoS attacks we have listed above were initiated by botnets, large networks of potentially thousands of compromised computers. These computers (often called zombie computers) are usually regular home PCs that have at some point been infected with malware that has made them part of a botnet. Working in unison, these computers can send a massive amount of traffic at a single target.

There exists a large number of botnets in the world, and new ones are created all the time. Access to them can actually be bought (in the right circles). There are even some underground “rent a botnet” services.

Botnets are also used for purposes other than DDoS attacks, such as distributing email spam.

You can read up on the various aspects of DDoS attacks over at this very thorough Wikipedia entry.

What about your website?

We believe this subject definitely merits discussion since these attacks often make a significant dent in the uptime of a website.

If a website owner is doing something that is of a controversial nature (to a group of people), or if the website content itself is controversial, he/she is in the risk zone. Anything that people have strong feelings about, such as politics, religion and ideologies, can be the trigger.

There is also another factor to consider. DDoS attacks on websites can affect all websites hosted at the same location, even if they have nothing to do with the attacked website. The attack on Al-Jazeera that we mentioned in this article is an excellent example, where the web host actually ended up canceling the hosting contract for Al-Jazeera.

Has your website or service been brought down by a cyber attack (such as a DDoS attack)? How did you solve the problem? What are you doing to protect yourself against these kinds of incidents?

We would love to hear from you about that (and anything else on your mind), so don’t hesitate to make yourself heard in the comments.
