DDoS and the collateral damage of hacktivism

First we had the week-long effective DDoS attack against WikiLeaks, delivered by AntiLeaks. The same group attacked Russia Today (apparently for hosting an Assange chat show and generally appearing too pro-Assange). AntiLeaks then took down Bambuser for showing a live video stream from the Ecuadorean embassy. While WikiLeaks was the target, Russia Today and Bambuser were effectively collateral damage.

Now Anonymous has entered the fray. First came the traditional video warning. It compared the UK's refusal to extradite a convicted rapist/pedophile (because it might contravene his human rights) to its apparent determination to extradite Assange (for questioning). “We ask you to let Julian Assange free,” it concluded, “to safely aid him in his travel to Ecuador to his new life away from this corrupt and cruel country. Anonymous UK will continue to be the thorn in your side if you do not... Do the right thing. Free Julian Assange. We are Anonymous... Expect us.”

The attacks started on Monday night – but it would seem that Anonymous was expected. An attack on the Department of Justice caused disruption for a few hours, but the site retained intermittent service. Other attacks, apparently against the prime minister, and the Department for Work and Pensions, were similarly lacklustre. But one thing is certain: DDoS is now the weapon of choice for all ideologically motivated cyber activism; and whether the source is Anonymous or AntiLeaks, Jester or LulzSec, they – and the collateral damage they cause – will continue.

Commenting on the brand damage that can be caused by such attacks, whether against government or private industry, Ash Patel of Stonesoft said, “The attack against the UK government highlights how DDoS attacks are increasingly being used by hacktivist groups looking to retaliate against certain organizations and voice their frustrations. They understand the damage they can inflict upon an organization using a DDoS attack but seem to have little regard towards the consequences of their actions.” Those consequences, he fears, can cause collateral damage on the entire UK economy. “The DDoS attacks also have the potential to damage the reputation of ‘UK PLC’ – which is currently promoting itself as the place to do online business. The government should be showing that this is a reliable country for companies to operate in. But such attacks portray the UK negatively and can affect how many businesses trade both in and with the UK.”

What’s hot on Infosecurity Magazine?