Widespread violent protests across the US over the past week have been followed by attempted DDoS attacks on several rights groups, according to Cloudflare.
The web security firm analyzed malicious HTTP requests it blocked across the weekend of April 25/26 versus a month later (May 30/31). Minneapolis resident George Floyd was killed on May 25, sparking a wave of violence and protests across the US over the succeeding days.
Cloudflare claimed to have blocked 135.5 billion such requests in the May weekend, a 17% increase on the 116.3 billion blocked in the April weekend. That’s a month-on-month increase of over 19 billion attack requests.
The firm said that Sunday May 31 recorded an even higher month-on-month increase, of 26%, in attempted attacks.
Organizations classed as advocacy groups were subject to a much higher increase: May attack volumes were 1120-times the April figure.
“In fact, those groups went from having almost no attacks at all in April, to attacks peaking at 20,000 requests per second on a single site,” wrote Cloudflare.
“One particular attacker, likely using a hacked server in France, was especially persistent and kept up an attack continuously hitting an advocacy group continuously for over a day. We blocked those malicious HTTP requests and kept the site online.”
The security provider has detailed data on these rights groups as many of them are protected by its Project Galileo initiative, designed to shield such organizations from widespread online attempts to silence them.
“There are many organizations fighting racism who participate in Project Galileo. Over the last week we’ve seen a dramatic increase in the number of cyber-attacks against them,” the firm explained.
“Unfortunately, if recent history is any guide, those who speak out against oppression will continue to face cyber-attacks that attempt to silence them.”
Advocacy groups promoting the Black Lives Matter message weren’t the only recipients of DDoS attacks during the period. Cloudflare said it also recorded a 1.8-times increase in attacks on government sites and a 3.8-times increase in malicious traffic targeting military sites during the same period.