DDoS Attacks Aim to Censor Human Rights Groups

Updated: November 03, 2010

The websites for the Free West Papua Campaign, Survival International, Friends of People Close To Nature, West Papua Media Alerts, the Asian Human Rights Commission, and West Papua Unite all suffered downtime of varying durations after airing the video footage (some sites remained disabled as this article was written, so their Twitter accounts have been linked instead).

From London's Channel 4 News:

Dave Clemente, an international security expert from Chatham House, said this appears to be a "very basic attack" and is a "poor attempt at cyber censorship", which could have been launched by any hacker around the world.

"This attack is not even in same universe as the Stuxnet, which targeted the Iranian nuclear units. It's targeted at a handful of relatively small websites, the sort of thing governments, corporations and small businesses are used to dealing with."

While initial reports indicate a lack of sophistication employed in the DDoS attacks, the subsequent results are nonetheless noteworthy, as they demonstrate that cyber aggression as a means of gaining tactical advantages in political conflicts is more than just fodder for discussions on the viability of cyberwar.

This is yet another example of one group's technological savvy being instrumental in disrupting another group's ability to functionally disseminate information, as were the cases in Estonia in 2007 and Georgia 2008.

DoS attacks are nothing new, and are perpetrated by simply flooding a target server with simultaneous communications.

The attacks are generally performed using as many as thousands of "zombie" PC's or servers that have been compromised unbeknownst to the rightful owner, through the dissemination of botnet malware.

Techniques also include the use of multiple IP addresses in an attack from a limited number of sources which can give the appearance of wide distribution, and still others claim to be able to perform a non-distributed DoS attack from a single low-spec source.

In an email correspondence with Tim Murphy, webmaster at the Free West Papua Campaign, one of the organizations targeted by the recent DDoS attacks, Tim emphasized the effectiveness that such a campaign can have against small, non-profit organizations given their lack of financial resources:

I have just talked with the people who fixed Survival International's problem with the same DDoS attack, BUT they want lots and lots of money to fix it, and FWPC is a poor organization. In addition to dealing with the DDoS we also need to mirror this video so that the attackers get the idea that "the Internet sees any censorship as damage and reroutes around it."

Niels Groeneveld, who deserves full credit for bringing this story to our attention at Infosec Island, is recognized as an information systems security professional by the US Committee on National Security Systems (CNSS) and the US National Security Agency (NSA).

Niels has been instrumental in organizing an international response to the DDoS attacks, and indicates the momentum is building. From his recent email discussing the events:

Rafal Rohozinski from SecDev asks whether he can investigate these incidents. He's working with Nart Villeneuve and people from Citizen Lab and the Information Warfare Monitor... They were responsible for the GhostNet and Shadows in the Clouds reports, on Chinese cyber espionage against, amongst others, the Dalai Lama.

Related Categories
Featured Research
  • Office365 Adoption eGuide

    Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more

  • Okta Directory Integration

    For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more

  • Securing Enterprise Information Technology

    In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more

  • Top 8 Identity and Access Management Challenges with Your SaaS Applications

    With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more

  • Better BYOD with Pulse Secure and MDM Partners

    Learn how Pulse Secure and leading MDM product partners are transforming the way employees and IT benefit from the productivity and flexibility of BYOD — without compromising security or increasing management complexity. more