DDoS Attacks Aim to Censor Human Rights Groups
The websites for the Free West Papua Campaign, Survival International, Friends of People Close To Nature, West Papua Media Alerts, the Asian Human Rights Commission, and West Papua Unite all suffered downtime of varying durations after airing the video footage (some sites remained disabled as this article was written, so their Twitter accounts have been linked instead).
From London's Channel 4 News:
Dave Clemente, an international security expert from Chatham House, said this appears to be a "very basic attack" and is a "poor attempt at cyber censorship", which could have been launched by any hacker around the world.
"This attack is not even in same universe as the Stuxnet, which targeted the Iranian nuclear units. It's targeted at a handful of relatively small websites, the sort of thing governments, corporations and small businesses are used to dealing with."
While initial reports indicate a lack of sophistication employed in the DDoS attacks, the subsequent results are nonetheless noteworthy, as they demonstrate that cyber aggression as a means of gaining tactical advantages in political conflicts is more than just fodder for discussions on the viability of cyberwar.
This is yet another example of one group's technological savvy being instrumental in disrupting another group's ability to functionally disseminate information, as were the cases in Estonia in 2007 and Georgia 2008.
DoS attacks are nothing new, and are perpetrated by simply flooding a target server with simultaneous communications.
The attacks are generally performed using as many as thousands of "zombie" PC's or servers that have been compromised unbeknownst to the rightful owner, through the dissemination of botnet malware.
Techniques also include the use of multiple IP addresses in an attack from a limited number of sources which can give the appearance of wide distribution, and still others claim to be able to perform a non-distributed DoS attack from a single low-spec source.
In an email correspondence with Tim Murphy, webmaster at the Free West Papua Campaign, one of the organizations targeted by the recent DDoS attacks, Tim emphasized the effectiveness that such a campaign can have against small, non-profit organizations given their lack of financial resources:
I have just talked with the people who fixed Survival International's problem with the same DDoS attack, BUT they want lots and lots of money to fix it, and FWPC is a poor organization. In addition to dealing with the DDoS we also need to mirror this video so that the attackers get the idea that "the Internet sees any censorship as damage and reroutes around it."
Niels Groeneveld, who deserves full credit for bringing this story to our attention at Infosec Island, is recognized as an information systems security professional by the US Committee on National Security Systems (CNSS) and the US National Security Agency (NSA).
Niels has been instrumental in organizing an international response to the DDoS attacks, and indicates the momentum is building. From his recent email discussing the events:
Rafal Rohozinski from SecDev asks whether he can investigate these incidents. He's working with Nart Villeneuve and people from Citizen Lab and the Information Warfare Monitor... They were responsible for the GhostNet and Shadows in the Clouds reports, on Chinese cyber espionage against, amongst others, the Dalai Lama.
Any operational business model relies heavily on IT support and the help desk to achieve maximum uptime for all IT systems. This white paper addresses ways for help desk analysts and IT support staff to easily and efficiently handle their workload by simplifying and automating processes to increase time and operational cost savings, enhance productivity, and boost customer satisfaction. more
